pre.premiumtax.credit Open in urlscan Pro
2600:9000:2140:ea00:0:29f7:580:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pre.premiumtax.credit/
Submission: On November 23 via api (November 23rd 2023, 12:09:39 pm UTC) from US — Scanned from US

Summary HTTP 69 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 16 domains to perform 69 HTTP transactions. The main IP is 2600:9000:2140:ea00:0:29f7:580:93a1, located in United States and belongs to AMAZON-02, US. The main domain is pre.premiumtax.credit.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 20th 2023. Valid for: a year.

This is the only time pre.premiumtax.credit was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2600:9000:214... 2600:9000:2140:ea00:0:29f7:580:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80e::2008	15169 (GOOGLE) (GOOGLE)
7	23.44.203.206 23.44.203.206	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:24f... 2600:9000:24f0:3a00:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
10	18.164.116.54 18.164.116.54	16509 (AMAZON-02) (AMAZON-02)
1	23.44.201.169 23.44.201.169	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
7	4.227.249.197 4.227.249.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	3.126.133.169 3.126.133.169	16509 (AMAZON-02) (AMAZON-02)
2	35.176.14.210 35.176.14.210	16509 (AMAZON-02) (AMAZON-02)
16	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2600:9000:20e... 2600:9000:20e2:9800:1d:63f:4480:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:24f... 2600:9000:24f0:2800:4:1957:6500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
69	19

5 2600:9000:2140:ea00:0:29f7:580:93a1 (United States)

ASN16509 (AMAZON-02, US)

pre.premiumtax.credit	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80e::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.44.203.206 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-206.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:3a00:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.164.116.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-116-54.jfk50.r.cloudfront.net

pre.app.leadfinery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.44.201.169 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-201-169.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 4.227.249.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

u.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com

acabenefitsquiz.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.176.14.210 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-176-14-210.eu-west-2.compute.amazonaws.com

pre.api.adtopiaglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e2:9800:1d:63f:4480:93a1 (United States)

ASN16509 (AMAZON-02, US)

yousted.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:24f0:2800:4:1957:6500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-js.ringba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	525 B
11	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 827 u.clarity.ms — Cisco Umbrella Rank: 7536 c.clarity.ms — Cisco Umbrella Rank: 1405	29 KB
10	leadfinery.com pre.app.leadfinery.com	4 KB
7	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	149 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	195 KB
5	premiumtax.credit pre.premiumtax.credit	1 MB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	4 KB
2	adtopiaglobal.com pre.api.adtopiaglobal.com	364 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	303 B
2	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 16488 acabenefitsquiz.matomo.cloud	40 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	171 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	ringba.com b-js.ringba.com — Cisco Umbrella Rank: 126053	14 KB
1	yousted.org yousted.org	27 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	764 B
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	768 B
69	16

	Domain	Requested by
16	www.facebook.com	pre.premiumtax.credit
10	pre.app.leadfinery.com	pre.premiumtax.credit
7	u.clarity.ms	pre.premiumtax.credit www.clarity.ms
7	analytics.tiktok.com	pre.premiumtax.credit analytics.tiktok.com
5	connect.facebook.net	pre.premiumtax.credit connect.facebook.net
5	pre.premiumtax.credit	pre.premiumtax.credit
4	fonts.googleapis.com	pre.premiumtax.credit
2	c.clarity.ms	1 redirects
2	pre.api.adtopiaglobal.com	pre.premiumtax.credit
2	www.google-analytics.com	www.googletagmanager.com
2	www.clarity.ms	pre.premiumtax.credit www.clarity.ms
2	www.googletagmanager.com	pre.premiumtax.credit www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	b-js.ringba.com	pre.premiumtax.credit
1	yousted.org
1	c.bing.com	1 redirects
1	acabenefitsquiz.matomo.cloud	cdn.matomo.cloud
1	analytics.pangle-ads.com	analytics.tiktok.com
1	cdn.matomo.cloud	pre.premiumtax.credit
69	19

This site contains links to these domains. Also see Links.

Domain
www.healthcare.gov

Subject Issuer	Validity	Valid
premiumtax.credit Amazon RSA 2048 M02	`2023-11-20` - `2024-12-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-01` - `2023-11-30`	3 months	crt.sh
cdn.matomo.cloud Amazon RSA 2048 M03	`2023-10-27` - `2024-11-23`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2023-08-29` - `2024-08-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.leadfinery.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 06	`2023-02-13` - `2024-02-08`	a year	crt.sh
*.matomo.cloud Amazon RSA 2048 M02	`2023-06-21` - `2024-07-19`	a year	crt.sh
*.api.adtopiaglobal.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-12`	a year	crt.sh
yousted.org Amazon RSA 2048 M01	`2023-06-19` - `2024-07-18`	a year	crt.sh
*.ringba.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-08`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://pre.premiumtax.credit/
Frame ID: 4E0AA80B5B9F5ECDEB58DA25EB294168
Requests: 65 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

premiumtax.creditpremiumtax.credit

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

69
Requests

99 %
HTTPS

63 %
IPv6

16
Domains

19
Subdomains

19
IPs

3
Countries

2136 kB
Transfer

3612 kB
Size

19
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.healthcare.gov/
Title: healthcare.gov

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=12B64B26A1934205ACB9119CEDA97691&RedC=c.clarity.ms&MXFR=2DC3C121315D63C32A18D2F3355D6D9C HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12B64B26A1934205ACB9119CEDA97691&MUID=3CDFCD9D10A96FB4326FDE4F11176E70

69 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pre.premiumtax.credit/ 3 KB
3 KB 673ms
424ms Document
text/html 2600:9000:2140:ea00:0:29f7:580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:ea00:0:29f7:580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45c0c80aafb59f31a31861796c57dadf395d05cf1ecba54c89442a92757394fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
content-length: 2719
content-type: text/html
date: Thu, 23 Nov 2023 12:09:30 GMT
etag: "9c6981f686d5e2cc84db3b9d634fc0ae"
last-modified: Wed, 22 Nov 2023 14:31:44 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
x-amz-cf-id: WpDjYZ5vWjWQi0GrtDhpgJkburhGQotPEAHKQoNR1vBl8A0eVJSRFg==
x-amz-cf-pop: EWR52-C1
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/prtc081-fe-pre-builder:742d5a4c-be7c-4835-8095-4b4b872895ca
x-amz-meta-codebuild-content-md5: 6a1f0de28aab3041c0add2e40e8979f4
x-amz-meta-codebuild-content-sha256: d0de3495b1317fb841eae43495577b2716a0bc22ddaa7ac47ceb5442b07fe1e9
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 2.66772492.chunk.css
pre.premiumtax.credit/static/css/ 227 KB
228 KB 538ms
536ms Stylesheet
text/css 2600:9000:2140:ea00:0:29f7:580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.premiumtax.credit/static/css/2.66772492.chunk.css
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:ea00:0:29f7:580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87dab8cbf6b5ef4ea752beed9750d16439e02febc7012fb7e2c0b444f5fe7507

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:30 GMT
via: 1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/prtc081-fe-pre-builder:742d5a4c-be7c-4835-8095-4b4b872895ca
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 6a1f0de28aab3041c0add2e40e8979f4
content-length: 232692
last-modified: Wed, 22 Nov 2023 14:31:44 GMT
server: AmazonS3
etag: "b4230111de6d7803d6ed737587025bae"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: d0de3495b1317fb841eae43495577b2716a0bc22ddaa7ac47ceb5442b07fe1e9
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: 7oQ08qcwZfWOl7M_GXjBovvycXucQYnI1S2vcdSQqqo-PFOsrWHDuA==

GET
H2 200 main.38b1c08a.chunk.css
pre.premiumtax.credit/static/css/ 655 KB
656 KB 445ms
443ms Stylesheet
text/css 2600:9000:2140:ea00:0:29f7:580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.premiumtax.credit/static/css/main.38b1c08a.chunk.css
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:ea00:0:29f7:580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: facad354716fa122912ca5f1d94beb2ccea4e16ffe1e938ae58bdbfd193e096e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:30 GMT
via: 1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/prtc081-fe-pre-builder:742d5a4c-be7c-4835-8095-4b4b872895ca
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 6a1f0de28aab3041c0add2e40e8979f4
content-length: 670720
last-modified: Wed, 22 Nov 2023 14:31:44 GMT
server: AmazonS3
etag: "27108758a589f73c18f1f5c822b35e84"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: d0de3495b1317fb841eae43495577b2716a0bc22ddaa7ac47ceb5442b07fe1e9
content-type: text/css
accept-ranges: bytes
x-amz-cf-id: JXdmQGoZAezaLCWQeTxMh0JkReJYOGTWFXuukhji3Xv2iKRYlsAtAA==

GET
H2 200 2.1b13433e.chunk.js Show response
pre.premiumtax.credit/static/js/ 386 KB
388 KB 508ms
507ms Script
application/x-javascript 2600:9000:2140:ea00:0:29f7:580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:ea00:0:29f7:580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 55f90fb7e932e7f63f2bc31797ac2d3256ba58411b6d91f6c461bbf3b8ae8571

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:30 GMT
via: 1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/prtc081-fe-pre-builder:742d5a4c-be7c-4835-8095-4b4b872895ca
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 6a1f0de28aab3041c0add2e40e8979f4
content-length: 395736
last-modified: Wed, 22 Nov 2023 14:31:44 GMT
server: AmazonS3
etag: "3b04a5b1a88a4a083d1a58ef5a9a4864"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: d0de3495b1317fb841eae43495577b2716a0bc22ddaa7ac47ceb5442b07fe1e9
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: vC4i1GrGyNneBZlX7dn9y6YTY4aOmJyFfINZ6NTFS1E0poefyTw37Q==

GET
H2 200 main.3e401072.chunk.js Show response
pre.premiumtax.credit/static/js/ 210 KB
210 KB 478ms
478ms Script
application/x-javascript 2600:9000:2140:ea00:0:29f7:580:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.premiumtax.credit/static/js/main.3e401072.chunk.js
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2140:ea00:0:29f7:580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 759ff2b8903790b0b81c5e0a38d04578a220017093d2b87a4a67ec0bbf9924e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:30 GMT
via: 1.1 6e24e95f882f20707346a032d1fa2948.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-2:135432904977:build/prtc081-fe-pre-builder:742d5a4c-be7c-4835-8095-4b4b872895ca
x-cache: Miss from cloudfront
x-amz-meta-codebuild-content-md5: 6a1f0de28aab3041c0add2e40e8979f4
content-length: 214531
last-modified: Wed, 22 Nov 2023 14:31:43 GMT
server: AmazonS3
etag: "ba1237f34c5e539b58041241baa12ec9"
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: d0de3495b1317fb841eae43495577b2716a0bc22ddaa7ac47ceb5442b07fe1e9
content-type: application/x-javascript
accept-ranges: bytes
x-amz-cf-id: QkjLjLc7G6RCHpVuPIwIuXEWWq5L5Nu0Vz20zln8XAjrG0EV5bUUAQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 228 KB
81 KB 265ms
109ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WK99DXT

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48be5aec0c54cf97dfbf038417d75b575db3045f746bd0102dd000c6c89c3ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82155
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 12:09:29 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 273 KB
91 KB 103ms
102ms Script
application/javascript 2607:f8b0:4006:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WK99DXT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e19e305bf71198adf361a4a03037aa81be7e3ad21e472c648729dfddf1e2eba6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92731
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 23 Nov 2023 12:09:29 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
2 KB 1138ms
83ms Script
application/javascript 23.44.203.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGMOQ9RC77UBEG41AJAG&lib=ttq
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.206 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 0b3dd58b9a8b3dd9208803538eccdc04f1c17c8bb0d0cdf90e073e222d192736

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-akamai-request-id: 20b963d8
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server: nginx
x-tt-logid: 20231123120931A4CD8C73A884AC2ABF30
vary: Accept-Encoding
x-cache: TCP_MISS from a23-44-202-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 11,23.44.202.78
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8dad289c5d5e67f605b561df6fe016c0f78cc6d37d0b657eeb6f09f19b6a918a980eee8bf58a055a68afc81d3c8177db1b63ddff1c3e6f1bd7082579bfd7910fd85b38bc5c7c8a4873e19a7f5a8b6b572b
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=1, origin; dur=10
expires: Thu, 23 Nov 2023 12:09:31 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 1141ms
86ms Script
application/javascript 23.44.203.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CIK4JD3C77U3LS6JS1PG&lib=ttq
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.206 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: c1fc5a755f6bc302fc320a451fed755ed92980d36d0c2f360dad9f797f5cd7aa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 20b963d9
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-44-202-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=2, origin; dur=15
content-length: 1527
pragma: no-cache
server: nginx
x-tt-logid: 20231123120931C6511792905D0285F830
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 16,23.44.202.78
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8dad289c5d5e67f605b561df6fe016c0f7cfc793730d2f5cebf6afbb86a10f10ec24c84ba32306de03bfb4232c77b0c17960d5f7cd2ebf24f073767416b5f2c6a5fb0888e4b7bc0e6f7cced2721a92b2cc
expires: Thu, 23 Nov 2023 12:09:31 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 1119ms
66ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Nov 2023 12:09:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 87QI4CFduQ/TE/GWIuJF8ofDt+H/sHfaVuk3nd1OJyYRP8UapSC91IkgZTh3mUsH0SdwVsqhyaiM6vsLxRgB1w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/acabenefitsquiz.matomo.cloud/ 133 KB
40 KB 1572ms
519ms Script
application/javascript 2600:9000:24f0:3a00:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.matomo.cloud/acabenefitsquiz.matomo.cloud/matomo.js

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:24f0:3a00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

0c52a47376a4fcdf018b85c4eeaa3b83f5ec5b9f7d96b00692d57f6370aace44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:32 GMT
x-amz-version-id: sYnd4xG6iV5kLloIqSSzXb6jQNLekQui
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Sun, 19 Nov 2023 19:00:05 GMT
server: CloudFront
via: 1.1 6fde4eba6716c9f80db3b63d251f248c.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
etag: W/"5ae28b8283495f311bd514cf7b5fa140"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-replication-status: COMPLETED
x-amz-cf-id: 4ffTnrJcF19Lkbg9WB02k1QJVwua7ZpRDKvQWoyx2-q0-PGetKGqag==

GET
H2 200 jgprib6su9 Show response
www.clarity.ms/tag/ 650 B
1013 B 1155ms
103ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/jgprib6su9
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 5e1cb269b6c670938e02f09ce2db1f208dd0e94a90b4218be4bdf26874ef4462

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: -1
date: Thu, 23 Nov 2023 12:09:31 GMT
x-azure-ref: 20231123T120931Z-n0rbb59nux10r2tm0fzyd9qys80000000akg000000003q5p
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 650
request-context: appId=cid-v1:67bc0b23-8423-4b52-b1ca-6a87709ceaa2

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
930 B 835ms
79ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Titillium+Web:ital,wght@0,300;0,400;0,600;0,700;1,400&display=swap

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/css/main.38b1c08a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62250a35703c2ceea5a584e9730fbf0ae21a27f085dde0e6b409dd41aea309a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 12:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 12:09:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 27 KB
1 KB 837ms
82ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/css/main.38b1c08a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 10:22:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 12:09:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 30 KB
1 KB 842ms
88ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/css/main.38b1c08a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55dd98058597b9910e9650a64370dccf0368816a33ec4752cba9362a2d033a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 12:09:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 12:09:31 GMT

GET
H2 200 css2
fonts.googleapis.com/ 22 KB
1 KB 835ms
80ms Stylesheet
text/css 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,300;0,400;0,500;0,700;0,900;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/css/main.38b1c08a.chunk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 10:31:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 12:09:31 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
258 B 214ms
76ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-91HGQ5JVGN&gtm=45je3b81v9133384110z89132857080&_p=1700741369439&gcd=11l1l1l1l1&dma=0&cid=1372506053.1700741371&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700741371&sct=1&seg=0&dl=https%3A%2F%2Fpre.premiumtax.credit%2F&dt=premiumtax.credit&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2325
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 12:09:31 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pre.premiumtax.credit
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 68ms
68ms Script
application/javascript 23.44.203.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CGMOQ9RC77UBEG41AJAG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.206 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 20b96405
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073143C2CEE2B263ACF2DEB58B
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-202-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01a1bd66aa21233ef267b9d03987693cea96efd84050c33076f073f012886dbd584a474390b55d40216d5caffa71f49cdbd2a82b528a13ed48853235f79e4b2acf0ff9187f30f2df80cb6f0addac825a4e4530199f645a7c324799d37703f35056
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 108361

POST
H2 200 get-uuid Show response
pre.app.leadfinery.com/api/acab069/pre/v1/ 116 B
583 B 363ms
362ms XHR
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/get-uuid
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e24c234317e606ee6035ec9c240b921619f7ebb1c5b98d894f9ea945efd854d3

Request headers

Accept: application/json
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
Authorization: Bearer 1G62aWCBijSrzd0O7eRXbMowDycEYAQk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 12:09:32 GMT
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: JFK50-P6
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: It9Vh2fahADeiZ84xvhbboYvVxVGJX8gwS-IHOPUVmymIEQxj0EKcw==

OPTIONS
H2 200 get-uuid
pre.app.leadfinery.com/api/acab069/pre/v1/ 0
0 685ms
364ms Preflight
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/get-uuid
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://pre.premiumtax.credit
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Thu, 23 Nov 2023 12:09:31 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
x-amz-cf-id: Cwt_F3rZhocCcjbYZNuN_RmoIUWxbQMGDo4q8PXKPGwGK03QY-ebhw==
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.18/ 59 KB
25 KB 65ms
65ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.18/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/jgprib6su9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: br
last-modified: Fri, 17 Nov 2023 13:41:44 GMT
etag: W/"0x8DBE772F014B026"
vary: Accept-Encoding
x-azure-ref: 20231123T120931Z-n0rbb59nux10r2tm0fzyd9qys80000000akg000000003q5y
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-ms-request-id: 5923cf30-301e-0010-705d-19ebb3000000
cache-control: public, max-age=86400
x-cache: TCP_HIT
x-ms-version: 2018-03-28

GET
H2 200 901443270982030 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 217ms
216ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/901443270982030?v=2.9.138&r=stable&domain=pre.premiumtax.credit

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a0a5a5588bb3ea55370057ffdd50a8d2e724f9595c7ca6ff5c15584522b3a19a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Nov 2023 12:09:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: DzipSuGFdnlXlvkDGWkvDr3qWL1dHCUTnSx07cmJLRI50BeUkBOiZXEC0fE25LuyEkqbPJl8nzXmXBrCWvootQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 68ms
68ms Script
application/javascript 23.44.203.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.206 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-akamai-request-id: 20b96483
date: Thu, 23 Nov 2023 12:09:31 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090731295E1112E7674C57E0F580
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-44-202-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01d995cdf23ab4c73a7bbe5beaaa9e655c2a789ed0eb237a52de86d59659c20a6f97823d9b989b41cf3a79765a82b965a236edc3e40d765528b6cf9608c5457b76f30348f7ca430c59489a0dd5752642a937994460e3b14a008926fa9b0c3dc59c
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=9
content-length: 36198

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
768 B 387ms
75ms Ping
text/plain 23.44.201.169
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.201.169 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-201-169.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a1c2a45
date: Thu, 23 Nov 2023 12:09:31 GMT
x-bytefaas-request-id: 20231123120931B981D456C573EEAEB738
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-44-200-105.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
server-timing: inner; dur=4, cdn-cache; desc=MISS, edge; dur=0, origin; dur=13
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231123120931B981D456C573EEAEB738
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 2.95
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8d7d18f1c46e556aa7e779be903dadddd019fcfa909962d72fb1c4a0af51dc6b85f76c1e57bd2cceb797d10ce871ad692c1ca2c0060a6f13bf81a69d4d2a3a39278c470a2c284d45057b6c4176bd26e391
x-origin-response-time: 13,23.44.200.105
access-control-allow-headers: *
expires: Thu, 23 Nov 2023 12:09:31 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
649 B 117ms
117ms Ping
text/plain 23.44.203.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.206 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 20b964b9
date: Thu, 23 Nov 2023 12:09:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-44-202-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing: inner; dur=36, cdn-cache; desc=MISS, edge; dur=5, origin; dur=44
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231123120931CEEA85ACDCACA69918C7
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 44,23.44.202.78
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8dad289c5d5e67f605b561df6fe016c0f75a7a9093a4c70a60405590560be6fd083f8d52a578a76679019eda258249556b4f9267f1f9eb364291fbf737c96489b91aafab838aff758d18c7c0aa83c3a7de
access-control-allow-headers: Authorization,*
expires: Thu, 23 Nov 2023 12:09:31 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
648 B 114ms
114ms Ping
text/plain 23.44.203.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.206 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 20b964ba
date: Thu, 23 Nov 2023 12:09:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-44-202-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
server-timing: inner; dur=30, cdn-cache; desc=MISS, edge; dur=5, origin; dur=39
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311231209319A934E2FED7E91B24B5D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.44.202.78
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8dad289c5d5e67f605b561df6fe016c0f76ee2bb29dd885e85e739b0d7260641710cffd58249324b7aa612769ff63043e28ccc1d429125df754ded8b3445afda288bbff9f06e609d9db5b6690dee9d7f71
access-control-allow-headers: Authorization,*
expires: Thu, 23 Nov 2023 12:09:31 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
301 B 354ms
111ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pre.premiumtax.credit
Date: Thu, 23 Nov 2023 12:09:31 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H3 200 2060170190837421 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 249ms
247ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2060170190837421?v=2.9.138&r=stable&domain=pre.premiumtax.credit

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

daf660ed34858a8ba4c2e8f775c097528dca9d9661442912743492840e614191

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Nov 2023 12:09:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: bXjGzvf2qH4Yap18miOFfP6k2LLSmDqUklUIVxWSXW6F2HDYu81+FN0HOgTAm6yz1c1DmvKBaYMgEaXFyg3wWQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
792 B 312ms
311ms Ping
text/plain 23.44.203.206
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.203.206 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-206.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 32b7f0ef.20b9650a
date: Thu, 23 Nov 2023 12:09:31 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-44-202-78.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
x-parent-response-time: 234,23.44.202.78
server-timing: cdn-cache; desc=MISS, edge; dur=15, origin; dur=224, inner; dur=219
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231123120931845A38DDCAA4B1890D42
x-cache-remote: TCP_MISS from a23-48-100-39.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2.1-52518411) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 224,23.48.100.39
x-tt-trace-host: 01f91ce7946298fc9d5c45e8362a7a5f8d56b0a8025015ed81d19f0166ecc666a510aa996e744f74083c70695ff4933fb0af0b4d956d3287668865e626b80853ab0d8ade7ba4c464a0074abc19f9b77bef987443ccafe327061497b7fa8dbb6bb538f69970dd64a22140c4c40fe6a36a25
access-control-allow-headers: Authorization,*
expires: Thu, 23 Nov 2023 12:09:31 GMT

POST
H2 204 matomo.php
acabenefitsquiz.matomo.cloud/ 0
173 B 823ms
279ms Ping
text/plain 3.126.133.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acabenefitsquiz.matomo.cloud/matomo.php?action_name=pre.premiumtax.credit%2Fpremiumtax.credit&idsite=1&rec=1&r=804025&h=2&m=9&s=31&url=https%3A%2F%2Fpre.premiumtax.credit%2F&_id=de5816d7c1d8d479&_idn=1&send_image=0&_refts=0&pv_id=O3shaK&pf_net=249&pf_srv=424&pf_tfr=1&pf_dm1=1782&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/acabenefitsquiz.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://pre.premiumtax.credit
date: Thu, 23 Nov 2023 12:09:32 GMT
access-control-allow-credentials: true
server: Apache
vary: X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H3 200 3374464979550893 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 135ms
135ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/3374464979550893?v=2.9.138&r=stable&domain=pre.premiumtax.credit

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1ac81082ac697ec6ca969e4ee41e45f9f7ed28051535f9e1f2740979ac7b825

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Nov 2023 12:09:31 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: iM9zERq3NKSk2AJN491YGm62A6TzfCAddfB6LyJdZKpGpCfGBmV4jwRavYRU2o0K+nKY5iUCi1j27E1LBko1XA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1370605930515370 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 162ms
161ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1370605930515370?v=2.9.138&r=stable&domain=pre.premiumtax.credit

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

416ec89e499630fe1c181ed5c836a087adb1ee5cf8c55a0477e27977db5f8d94

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Ommu/xqCkUsRMCyB+xz9dFxH/C7/JoNm0WhDOJ03eoO69+HKR5VBHI/yepjZ8aBll4VllQKs7ePcxqhetQcJIA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 loader Show response
pre.api.adtopiaglobal.com/ 194 B
364 B 169ms
168ms XHR
application/json 35.176.14.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.api.adtopiaglobal.com/loader
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.14.210 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-14-210.eu-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: f659da832c050732074ab891e82a702a60056e1317c51f9b645a773029b24c7d

Request headers

Accept: application/json
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
Authorization: Bearer 1G62aWCBijSrzd0O7eRXbMowDycEYAQk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://pre.premiumtax.credit
date: Thu, 23 Nov 2023 12:09:32 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
content-length: 194
vary: Origin
content-type: application/json

OPTIONS
H2 200 loader
pre.api.adtopiaglobal.com/ 0
0 464ms
138ms Preflight
text/plain 35.176.14.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.api.adtopiaglobal.com/loader
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.176.14.210 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-176-14-210.eu-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://pre.premiumtax.credit
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization,content-type
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://pre.premiumtax.credit
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Thu, 23 Nov 2023 12:09:32 GMT
server: nginx/1.18.0
vary: Origin

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 212ms
65ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2F&rl=&if=false&ts=1700741372293&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 212ms
66ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2F&rl=&if=false&ts=1700741372298&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&cs_est=true&it=1700741371205&coo=false&rqm=GET

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 213ms
67ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2F&rl=&if=false&ts=1700741372300&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 213ms
68ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2F&rl=&if=false&ts=1700741372301&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Requested by

Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=12B64B26A1934205ACB9119CEDA97691&RedC=c.clarity.ms&MXFR=2DC3C121315D63C32A18D2F3355D6D9C
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12B64B26A1934205ACB9119CEDA97691&MUID=3CDFCD9D10A96FB4326FDE4F11176E70

42 B
443 B

54ms
54ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12B64B26A1934205ACB9119CEDA97691&MUID=3CDFCD9D10A96FB4326FDE4F11176E70
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 12:09:32 GMT
last-modified: Wed, 30 Aug 2023 15:12:15 GMT
server: Microsoft-IIS/10.0
etag: "3370fe5b54dbd91:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 12:09:32 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4BFC62801928423DB138A57E353EA5F3 Ref B: MIAEDGE1719 Ref C: 2023-11-23T12:09:33Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=12B64B26A1934205ACB9119CEDA97691&MUID=3CDFCD9D10A96FB4326FDE4F11176E70
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
301 B 60ms
60ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pre.premiumtax.credit
Date: Thu, 23 Nov 2023 12:09:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H/1.1 204
No Content collect
u.clarity.ms/ 0
301 B 64ms
64ms Ping
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pre.premiumtax.credit
Date: Thu, 23 Nov 2023 12:09:32 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 68ms
66ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741372898&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 67ms
66ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741372903&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&cs_est=true&it=1700741371205&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 68ms
67ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741372905&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 69ms
68ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741372910&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:32 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 logo.png
yousted.org/lfdesigns/Sass-Projects/ACA_benefit_quiz/v3/dist/img/ 27 KB
27 KB 515ms
300ms Image
image/png 2600:9000:20e2:9800:1d:63f:4480:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yousted.org/lfdesigns/Sass-Projects/ACA_benefit_quiz/v3/dist/img/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:9800:1d:63f:4480:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbb906db716ab154c7bdca5a97523321b0c5b3c6b769d358aea904300abe98fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 12:09:34 GMT
x-amz-version-id: zkLSaLu6_nBl5fGD3cQv4omymgU7Uk2w
via: 1.1 2e8c2e7cad8a51072f754f4edb4b5714.cloudfront.net (CloudFront)
last-modified: Thu, 28 Sep 2023 18:51:33 GMT
server: AmazonS3
x-amz-cf-pop: IAD79-C2
etag: "89bec8a2c02a1d220bfc4c06986a8cda"
x-amz-meta-sha256: dbb906db716ab154c7bdca5a97523321b0c5b3c6b769d358aea904300abe98fd
content-type: image/png
x-cache: Miss from cloudfront
content-length: 27367
x-amz-cf-id: _o9RwZw26tJ-8eXLoyPVQp0k7up1rlUrDYs1ehERaGKDMB5T6597bQ==
x-amz-meta-s3b-last-modified: 20230928T100357Z

OPTIONS
H2 200 user-agent
pre.app.leadfinery.com/api/acab069/pre/v1/ 0
0 350ms
348ms Preflight
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/user-agent
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://pre.premiumtax.credit
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Thu, 23 Nov 2023 12:09:33 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
x-amz-cf-id: FXT1Yr6LA27LjGMuA7PiOE_qI16Q8UCiKxdtg_pKUoN-V4UIhEa59w==
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront

OPTIONS
H2 200 ringba-online
pre.app.leadfinery.com/api/acab069/pre/v1/ 0
0 352ms
350ms Preflight
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/ringba-online
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://pre.premiumtax.credit
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Thu, 23 Nov 2023 12:09:33 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
x-amz-cf-id: uaqLegm2bglQr3f3gYLRA7FuZpchXux-4GiF_4_B_2yNeM9LibBKng==
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront

POST
H2 200 user-agent Show response
pre.app.leadfinery.com/api/acab069/pre/v1/ 1 KB
2 KB 364ms
363ms XHR
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/user-agent
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: ae978fe87426523b945d668d20d23f7636ace830ee2a1887db9a050b91db3f63

Request headers

Accept: application/json
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
Authorization: Bearer 1G62aWCBijSrzd0O7eRXbMowDycEYAQk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 12:09:33 GMT
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: JFK50-P6
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: 6yTPQsim8nSIGjWmw8gwz4qRdgkTzwY9V3AAJkfP9_qPVW0KePZiVA==

POST
H2 200 ringba-online Show response
pre.app.leadfinery.com/api/acab069/pre/v1/ 41 B
508 B 364ms
364ms XHR
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/ringba-online
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: a4187091aba0cdd62e1663d65cd5eebd1b2d7ba176afc1ab12fc4e88b2f45a01

Request headers

Accept: application/json
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
Authorization: Bearer 1G62aWCBijSrzd0O7eRXbMowDycEYAQk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 12:09:33 GMT
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: JFK50-P6
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: pW0q-vPF9RijrXShEId6UWkYTzZxcyoUoIzaT2colXKr7nvUqJETmw==

GET
H2 200 CAfe8e30f0d9964386bac7acabadf4a10b Show response
b-js.ringba.com/ 13 KB
14 KB 325ms
125ms Script
text/html 2600:9000:24f0:2800:4:1957:6500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-js.ringba.com/CAfe8e30f0d9964386bac7acabadf4a10b
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:24f0:2800:4:1957:6500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 88453f8896108095ab9b1f2b92e300441912168412fd3c6baa073e4513e650c6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-runtime: 33.0000
date: Thu, 23 Nov 2023 12:09:32 GMT
via: 1.1 c790ffcab27717f283a6e87f31c6d65a.cloudfront.net (CloudFront)
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-amz-cf-pop: JFK50-P3
x-powered-by: ASP.NET
access-control-max-age: 300
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public
content-length: 13695
x-amz-cf-id: 9QyAzNlZCaz02Oh1Idbc2lskkWgOttwvW2yjCUXVgEJp97Vm5Ij2VA==
expires: Thu, 23 Nov 2023 12:14:33 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 204ms
63ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://pre.premiumtax.credit
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 02:01:08 GMT
x-content-type-options: nosniff
age: 36505
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Nov 2024 02:01:08 GMT

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
301 B 64ms
64ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pre.premiumtax.credit
Date: Thu, 23 Nov 2023 12:09:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H/1.1 204
No Content collect
u.clarity.ms/ 0
301 B 81ms
80ms Ping
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.18/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://pre.premiumtax.credit
Date: Thu, 23 Nov 2023 12:09:33 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 200 data-ingestion-pipeline Show response
pre.app.leadfinery.com/api/acab069/pre/v1/ 20 B
487 B 520ms
519ms XHR
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/data-ingestion-pipeline
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665

Request headers

Accept: application/json
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
Authorization: Bearer 1G62aWCBijSrzd0O7eRXbMowDycEYAQk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 12:09:34 GMT
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: JFK50-P6
vary: Authorization
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: zLQTnskJxRb2EJX3tVvJnPoiQAiUgxTX7NAeORKZ7oAIDpmQbED1EQ==

OPTIONS
H2 200 data-ingestion-pipeline
pre.app.leadfinery.com/api/acab069/pre/v1/ 0
0 136ms
135ms Preflight
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/data-ingestion-pipeline
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://pre.premiumtax.credit
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Thu, 23 Nov 2023 12:09:33 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
x-amz-cf-id: 1fhdKfaXzDI3SbtIe4OeDAe5KrTYL6Q50Bzjja9j8n86SYtnNP0nUw==
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 69ms
66ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd%26uuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373696&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 70ms
67ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd%26uuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373699&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&cs_est=true&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 71ms
67ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd%26uuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373700&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 71ms
68ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd%26uuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373701&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 71ms
68ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=901443270982030&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373713&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 72ms
69ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2060170190837421&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373715&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&cs_est=true&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 72ms
69ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=3374464979550893&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373716&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 72ms
70ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1370605930515370&ev=PageView&dl=https%3A%2F%2Fpre.premiumtax.credit%2FPR_TC_V1%3Fuuid%3DACAB069-28ed80a0-89f9-11ee-bcbe-dd463d778bcd&rl=&if=false&ts=1700741373718&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1700741372291.54984619&ler=empty&it=1700741371205&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pre.premiumtax.credit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Nov 2023 12:09:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

OPTIONS
H2 200 save-journey-status
pre.app.leadfinery.com/api/acab069/pre/v1/ 0
0 277ms
276ms Preflight
application/json 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/save-journey-status
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: POST
Origin: https://pre.premiumtax.credit
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, private
content-type: application/json
date: Thu, 23 Nov 2023 12:09:33 GMT
server: Apache/2.4.41 (Ubuntu)
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
x-amz-cf-id: KwdBCVegFxY51_Uz9vdK-Zm41gWqjBxN3uRgnlXYnepjXI0oPJACXQ==
x-amz-cf-pop: JFK50-P6
x-cache: Miss from cloudfront

POST
H2 200 save-journey-status Show response
pre.app.leadfinery.com/api/acab069/pre/v1/ 0
536 B 185ms
185ms XHR
text/html 18.164.116.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pre.app.leadfinery.com/api/acab069/pre/v1/save-journey-status
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.116.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-116-54.jfk50.r.cloudfront.net
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
Authorization: Bearer 1G62aWCBijSrzd0O7eRXbMowDycEYAQk
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 23 Nov 2023 12:09:34 GMT
content-encoding: gzip
via: 1.1 b5b0850774f11b0c2514532a2d3bdc44.cloudfront.net (CloudFront)
server: Apache/2.4.41 (Ubuntu)
x-amz-cf-pop: JFK50-P6
vary: Authorization,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-cache: Miss from cloudfront
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-max-age: 86400
access-control-allow-headers: Content-Type, Authorization, X-Requested-With
x-amz-cf-id: vywssMAJHWyaJ-3VGtDxXD9BbZDXydfszEn5r5OMR2Ae5iyZgEem3w==

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
301 B 388ms
387ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pre.premiumtax.credit
Date: Thu, 23 Nov 2023 12:09:34 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b734021a55a815f65cfe992974a5d88dce75f628be7878713ba126a95a2e20ff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 731b803d06dc23ada35c4e4fe12626b3af1ed2e352d484734ccda7a7d86c04f3

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif

POST
H/1.1 204
No Content collect Show response
u.clarity.ms/ 0
301 B 119ms
118ms XHR
text/plain 4.227.249.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://u.clarity.ms/collect
Requested by: Host: pre.premiumtax.credit
URL: https://pre.premiumtax.credit/static/js/2.1b13433e.chunk.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 4.227.249.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://pre.premiumtax.credit
Date: Thu, 23 Nov 2023 12:09:35 GMT
Access-Control-Allow-Credentials: true
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Vary: Origin
Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81

POST
H2 204 collect
www.google-analytics.com/g/ 0
45 B 80ms
79ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-91HGQ5JVGN&gtm=45je3b81v9133384110&_p=1700741369439&gcd=11l1l1l1l1&dma=0&cid=1372506053.1700741371&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&sid=1700741371&sct=1&seg=0&dl=https%3A%2F%2Fpre.premiumtax.credit%2F&dt=premiumtax.credit&_s=2&tfd=7344
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-91HGQ5JVGN&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://pre.premiumtax.credit/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 12:09:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://pre.premiumtax.credit
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.premiumtax.credit/	1970-01-20 18:35:17	Name: _gcl_au Value: 1.1.1631299052.1700741370
.premiumtax.credit/	1970-01-21 02:01:41	Name: _ga Value: GA1.1.1372506053.1700741371
.tiktok.com/	1970-01-21 01:47:17	Name: _ttp Value: 2YZmFQxfzXG2QNZyu3dFkQ5SrSe
www.clarity.ms/	1970-01-21 01:11:17	Name: CLID Value: 40ef6ee4fe444351bc74c56e0e48afe9.20231123.20241122
.premiumtax.credit/	1970-01-21 01:11:17	Name: _clck Value: gfri92%7C2%7Cfgy%7C0%7C1422
.premiumtax.credit/	1970-01-21 01:47:17	Name: _tt_enable_cookie Value: 1
.premiumtax.credit/	1970-01-21 01:47:17	Name: _ttp Value: tI26cHOivjm49_mM58N84wezC2P
pre.premiumtax.credit/	1970-01-21 01:51:36	Name: _pk_id.1.d1e9 Value: de5816d7c1d8d479.1700741372.
pre.premiumtax.credit/	1970-01-20 16:25:43	Name: _pk_ses.1.d1e9 Value: 1
.premiumtax.credit/	1970-01-20 18:35:17	Name: _fbp Value: fb.1.1700741372291.54984619
.bing.com/	1970-01-21 01:47:17	Name: MUID Value: 3CDFCD9D10A96FB4326FDE4F11176E70
.c.bing.com/	1970-01-20 16:35:46	Name: MR Value: 0
.c.bing.com/	1970-01-21 01:47:17	Name: SRM_B Value: 3CDFCD9D10A96FB4326FDE4F11176E70
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 01:47:17	Name: MUID Value: 3CDFCD9D10A96FB4326FDE4F11176E70
.c.clarity.ms/	1970-01-20 16:35:46	Name: MR Value: 0
.c.clarity.ms/	1970-01-20 16:25:41	Name: ANONCHK Value: 0
.premiumtax.credit/	1970-01-20 16:27:07	Name: _clsk Value: 6lf6x7%7C1700741374430%7C3%7C1%7Cu.clarity.ms%2Fcollect
.premiumtax.credit/	1970-01-21 02:01:41	Name: _ga_91HGQ5JVGN Value: GS1.1.1700741371.1.1.1700741374.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acabenefitsquiz.matomo.cloud
analytics.pangle-ads.com
analytics.tiktok.com
b-js.ringba.com
c.bing.com
c.clarity.ms
cdn.matomo.cloud
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
pre.api.adtopiaglobal.com
pre.app.leadfinery.com
pre.premiumtax.credit
u.clarity.ms
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
yousted.org
18.164.116.54
20.110.205.119
23.44.201.169
23.44.203.206
2600:9000:20e2:9800:1d:63f:4480:93a1
2600:9000:2140:ea00:0:29f7:580:93a1
2600:9000:24f0:2800:4:1957:6500:93a1
2600:9000:24f0:3a00:c:7d55:b3c0:93a1
2607:f8b0:4006:809::200a
2607:f8b0:4006:80e::2008
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2003
2620:1ec:bdf::40
2620:1ec:c11::200
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
3.126.133.169
35.176.14.210
4.227.249.197
0b3dd58b9a8b3dd9208803538eccdc04f1c17c8bb0d0cdf90e073e222d192736
0c52a47376a4fcdf018b85c4eeaa3b83f5ec5b9f7d96b00692d57f6370aace44
36486f6f8ea9c0ede9e0b7fa48630f2a837c376efa25adc78efac2a0a2068665
391d7af9603de79e9111b0311bd2f829847f04645e97b9e73ab9dfc54601f725
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
416ec89e499630fe1c181ed5c836a087adb1ee5cf8c55a0477e27977db5f8d94
45c0c80aafb59f31a31861796c57dadf395d05cf1ecba54c89442a92757394fc
48be5aec0c54cf97dfbf038417d75b575db3045f746bd0102dd000c6c89c3ee5
55dd98058597b9910e9650a64370dccf0368816a33ec4752cba9362a2d033a54
55f90fb7e932e7f63f2bc31797ac2d3256ba58411b6d91f6c461bbf3b8ae8571
5e1cb269b6c670938e02f09ce2db1f208dd0e94a90b4218be4bdf26874ef4462
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
62250a35703c2ceea5a584e9730fbf0ae21a27f085dde0e6b409dd41aea309a8
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
731b803d06dc23ada35c4e4fe12626b3af1ed2e352d484734ccda7a7d86c04f3
759ff2b8903790b0b81c5e0a38d04578a220017093d2b87a4a67ec0bbf9924e4
87dab8cbf6b5ef4ea752beed9750d16439e02febc7012fb7e2c0b444f5fe7507
88453f8896108095ab9b1f2b92e300441912168412fd3c6baa073e4513e650c6
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a0a5a5588bb3ea55370057ffdd50a8d2e724f9595c7ca6ff5c15584522b3a19a
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a4187091aba0cdd62e1663d65cd5eebd1b2d7ba176afc1ab12fc4e88b2f45a01
ae978fe87426523b945d668d20d23f7636ace830ee2a1887db9a050b91db3f63
b734021a55a815f65cfe992974a5d88dce75f628be7878713ba126a95a2e20ff
c1fc5a755f6bc302fc320a451fed755ed92980d36d0c2f360dad9f797f5cd7aa
d1ac81082ac697ec6ca969e4ee41e45f9f7ed28051535f9e1f2740979ac7b825
daf660ed34858a8ba4c2e8f775c097528dca9d9661442912743492840e614191
dbb906db716ab154c7bdca5a97523321b0c5b3c6b769d358aea904300abe98fd
e19e305bf71198adf361a4a03037aa81be7e3ad21e472c648729dfddf1e2eba6
e24c234317e606ee6035ec9c240b921619f7ebb1c5b98d894f9ea945efd854d3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4e16c137bfcf443839c20e1038b9ee2dec570f047ae3b1c8f9378e9176750dd
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f659da832c050732074ab891e82a702a60056e1317c51f9b645a773029b24c7d
facad354716fa122912ca5f1d94beb2ccea4e16ffe1e938ae58bdbfd193e096e

pre.premiumtax.credit Open in urlscan Pro 2600:9000:2140:ea00:0:29f7:580:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

63 %IPv6

16 Domains

19 Subdomains

19 IPs

3 Countries

2136 kBTransfer

3612 kBSize

19 Cookies

1 Outgoing links

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pre.premiumtax.credit Open in urlscan Pro
2600:9000:2140:ea00:0:29f7:580:93a1 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

63 %
IPv6

16
Domains

19
Subdomains

19
IPs

3
Countries

2136 kB
Transfer

3612 kB
Size

19
Cookies

69 HTTP transactions
2 data transactions