bidenhomebuyertaxcredit.com Open in urlscan Pro
2606:4700:3034::6815:258d  Public Scan

Submitted URL: https://www.25000housingcredit.com/
Effective URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Submission: On April 21 via automatic, source certstream-suspicious

Summary

This website contacted 21 IPs in 2 countries across 17 domains to perform 28 HTTP transactions. The main IP is 2606:4700:3034::6815:258d, located in United States and belongs to CLOUDFLARENET, US. The main domain is bidenhomebuyertaxcredit.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 27th 2021. Valid for: a year.
This is the only time bidenhomebuyertaxcredit.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.203.160.159 15169 (GOOGLE)
1 2606:4700:303... 13335 (CLOUDFLAR...)
4 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 172.217.23.98 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
28 21
Domain Requested by
5 bidenhomebuyertaxcredit.com bidenhomebuyertaxcredit.com
2 www.facebook.com
2 connect.facebook.net js.hsadspixel.net
connect.facebook.net
2 www.google.de bidenhomebuyertaxcredit.com
2 www.google.com bidenhomebuyertaxcredit.com
2 googleads.g.doubleclick.net www.googleadservices.com
2 api.hubspot.com js.usemessages.com
2 www.googleadservices.com www.googletagmanager.com
2 www.googletagmanager.com bidenhomebuyertaxcredit.com
js.hsadspixel.net
1 api.hubapi.com js.hsadspixel.net
1 js.hsadspixel.net js.hs-scripts.com
1 js.usemessages.com js.hs-scripts.com
1 js.hs-banner.com js.hs-scripts.com
1 js.hs-analytics.net js.hs-scripts.com
1 fonts.gstatic.com bidenhomebuyertaxcredit.com
1 js.hs-scripts.com bidenhomebuyertaxcredit.com
1 www.25000housingcredit.com 1 redirects
28 17

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-02-27 -
2022-02-26
a year crt.sh
*.google-analytics.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.gstatic.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
www.googleadservices.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
hubspot.com
Cloudflare Inc ECC CA-3
2020-07-27 -
2021-07-27
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
www.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
www.google.de
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
hubapi.com
Cloudflare Inc ECC CA-3
2020-07-03 -
2021-07-03
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-04-06 -
2021-07-03
3 months crt.sh
*.googleadservices.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.google.com
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh
*.google.de
GTS CA 1O1
2021-03-23 -
2021-06-15
3 months crt.sh

This page contains 1 frames:

Primary Page: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Frame ID: 847EB1CE39189BB972155A80D8DEA32E
Requests: 27 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.25000housingcredit.com/ HTTP 302
    https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • html /<!-- (?:End )?Google Tag Manager -->/i

Page Statistics

28
Requests

100 %
HTTPS

91 %
IPv6

17
Domains

17
Subdomains

21
IPs

2
Countries

416 kB
Transfer

1386 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.25000housingcredit.com/ HTTP 302
    https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request wp-signup.php
bidenhomebuyertaxcredit.com/
Redirect Chain
  • https://www.25000housingcredit.com/
  • https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
12 KB
4 KB
Document
General
Full URL
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3034::6815:258d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / WP Engine
Resource Hash
84e2dd6e465bec8274522b241ad169923175baed568e47ced2cc9107df072015

Request headers

:method
GET
:authority
bidenhomebuyertaxcredit.com
:scheme
https
:path
/wp-signup.php?new=www.25000housingcredit.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d65a9135ad3b8c8d2d7000e322e57733f1618970483; expires=Fri, 21-May-21 02:01:23 GMT; path=/; domain=.bidenhomebuyertaxcredit.com; HttpOnly; SameSite=Lax
vary
Accept-Encoding Accept-Encoding
x-distributor
yes
wpo-cache-status
not cached
wpo-cache-message
The request extension is not suitable for caching, In the settings, caching is disabled for matches for one of the current request's GET parameters
expires
Wed, 11 Jan 1984 05:00:00 GMT
x-powered-by
WP Engine
x-cacheable
NO:Passed
cache-control
max-age=0, must-revalidate, private
x-cache
MISS
x-pass-why
wp-admin
cf-cache-status
DYNAMIC
cf-request-id
0993c232b000004e566c321000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2rWmskTqLMsUtdN9onHPW31Z5LTbVJk46zFV8z%2Fq6J2c2vgbsj9h3bPlsQWDN3ebBHGDZ%2FZ2iiCMePBFvti9Li9Aqaa8ZsQ4TVN3xKGqfzAhp7XTyHx9X46%2BMU8JR8WZCwo4Pi%2FbX2w%3D"}],"group":"cf-nel"}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
64330631182d4e56-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

server
nginx
date
Wed, 21 Apr 2021 02:01:23 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
x-powered-by
WP Engine
x-cacheable
non200
cache-control
max-age=0, must-revalidate, private
x-cache
MISS
x-cache-group
normal
wpo-minify-header-76b237eb.min.css
bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/
248 KB
35 KB
Stylesheet
General
Full URL
https://bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-header-76b237eb.min.css
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d0f214d12ef81092bb568b524c63e6afe3484b3800c278b85b02bd29f3529e8

Request headers

:path
/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-header-76b237eb.min.css
pragma
no-cache
cookie
__cfduid=d65a9135ad3b8c8d2d7000e322e57733f1618970483
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
bidenhomebuyertaxcredit.com
referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1339
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0993c2345a0000c2ef8aa1b000000001
last-modified
Thu, 08 Apr 2021 16:37:21 GMT
server
cloudflare
etag
W/"606f3141-3ded5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zCp6yIicvqHOmuGix%2FM1gyQMxqNv2tnCKc9KW5apB%2BPQ8m8uoBTMBCDkpRtk%2BIFDxyqdHGsFbH%2BuPiWqS2osWL2FwImrdU1S4XxrESUDr5hbFzFSrrE0%2FUypxrVvCz9PhTKU%2FsUYI7U%3D"}],"max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64330633ce0ec2ef-FRA
wpo-minify-header-84e60a2d.min.js
bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/
98 KB
33 KB
Script
General
Full URL
https://bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-header-84e60a2d.min.js
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c62a731eb1fd603aab053a50dd4feb8075b40c21a9b19e4bc6c9b6f738132a7

Request headers

:path
/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-header-84e60a2d.min.js
pragma
no-cache
cookie
__cfduid=d65a9135ad3b8c8d2d7000e322e57733f1618970483
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bidenhomebuyertaxcredit.com
referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1339
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0993c2345b0000c2efdc9b8000000001
last-modified
Thu, 08 Apr 2021 16:37:21 GMT
server
cloudflare
etag
W/"606f3141-18971"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=W%2Fbh4OoKCJ6991jVbSJRjuE2yX6O6mt9DltbDEQnYXsbaVjt%2BVKAJskn5jkXyVgOZ5elDtiiJw7riMeA4DR%2BF1joPgmlFtUkZJ4yCrMX2UR6OgVT%2BYP4o0jUvNrSqVCLbjMI%2FdglNBs%3D"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64330633ce0bc2ef-FRA
logo.png
bidenhomebuyertaxcredit.com/wp-content/themes/homebuyer/images/
7 KB
8 KB
Image
General
Full URL
https://bidenhomebuyertaxcredit.com/wp-content/themes/homebuyer/images/logo.png
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
279b7a2ab63b28f8ead2c6ad786a8dfa1fb0b871019ab36dda8f31dfaa88998a

Request headers

:path
/wp-content/themes/homebuyer/images/logo.png
pragma
no-cache
cookie
__cfduid=d65a9135ad3b8c8d2d7000e322e57733f1618970483
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
bidenhomebuyertaxcredit.com
referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
93907
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7296
cf-request-id
0993c2347e0000c2effba83000000001
last-modified
Wed, 17 Mar 2021 14:39:26 GMT
server
cloudflare
etag
"6052149e-1c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y5sZZCCAFZHyFdp82Wq%2F5oKd4ZjR9KrSXXPXipTFqc0uGhR7JCTaogCcFklLiSysSAD82NrCT9eCi41ZAicSTe7Px5feIHTnx7Ispw6pTEqWlIxzZKDpMKBZ%2FRPZjVinej4rlV6XIxU%3D"}],"max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
64330633fe32c2ef-FRA
7604195.js
js.hs-scripts.com/
2 KB
771 B
Script
General
Full URL
https://js.hs-scripts.com/7604195.js?integration=WordPress
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf171bd7111b4544011df346f16e273c797e0f22870648f1b54bb3b8e4d68b6c

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
content-encoding
br
cf-cache-status
EXPIRED
server
cloudflare
x-trace
2BCE454A5A5C0615360F9E1F77217EFFFB7920E211000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
https://bidenhomebuyertaxcredit.com
access-control-max-age
3600
cache-control
public, max-age=60
access-control-allow-credentials
true
cf-ray
643306341efa4dca-FRA
cf-request-id
0993c2348e00004dca692dd000000001
expires
Wed, 21 Apr 2021 02:02:23 GMT
wpo-minify-footer-b5fe1733.min.js
bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/
160 KB
34 KB
Script
General
Full URL
https://bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-footer-b5fe1733.min.js
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::ac43:d129 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffc497c3dc40884e926c7d62b354994157e112300de2f1f4932b4417732411e5

Request headers

:path
/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-footer-b5fe1733.min.js
pragma
no-cache
cookie
__cfduid=d65a9135ad3b8c8d2d7000e322e57733f1618970483
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
bidenhomebuyertaxcredit.com
referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
1339
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0993c2347d0000c2eff09b9000000001
last-modified
Thu, 08 Apr 2021 16:37:21 GMT
server
cloudflare
etag
W/"606f3141-27e04"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding Accept-Encoding
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wuT84LhFRSqw%2FwC0r0Tsuroa0GRxs7UV%2FbssK5hRkMoukWOXTWSX86ff2Sg4Xcd%2FiS1Xd5B7nQyi8xZZU4GbMdZ56UwdzzMBWhqphK5on9i6ctGONxHPE5uRyJAOvHu26wlq2qyfhDc%3D"}],"max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
64330633fe31c2ef-FRA
gtm.js
www.googletagmanager.com/
96 KB
36 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KCTGB6Z
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
14aa33389b6e69c041aac24d4c5280a70f6b1231f014728737042f118f1af22e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36498
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 02:01:23 GMT
iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYi1Uw.woff
fonts.gstatic.com/s/rubik/v12/
50 KB
50 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubik/v12/iJWZBXyIfDnIV5PNhY1KTN7Z-Yh-WYi1Uw.woff
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-header-76b237eb.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
000d68b50c35f9820e99e1bc991e80a070133413060d6af0011bf9c7df3fd76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://bidenhomebuyertaxcredit.com
Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Apr 2021 10:04:34 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 21:16:12 GMT
server
sffe
age
230209
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51268
x-xss-protection
0
expires
Mon, 18 Apr 2022 10:04:34 GMT
conversion_async.js
www.googleadservices.com/pagead/
35 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KCTGB6Z
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13836
x-xss-protection
0
server
cafe
etag
11500755331297449547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 02:01:23 GMT
7604195.js
js.hs-analytics.net/analytics/1618970400000/
61 KB
18 KB
Script
General
Full URL
https://js.hs-analytics.net/analytics/1618970400000/7604195.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ce832c0ec78471f5945c12b9ddf8534f60d0d5a3d43f1ed108a09bcc24ef58b

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
br
cf-cache-status
HIT
age
64
x-amz-server-side-encryption
AES256
x-amz-request-id
90BRTVDFN55GX10Q
x-amz-id-2
ndiR7G+dCs04XaaYavxYOsm9hBjLo+OCTqzrEjvlE4CQ0uNFJS/j7/cNdggENTF3GdgBGhFnPWw=
last-modified
Wed, 10 Mar 2021 19:41:10 GMT
server
cloudflare
etag
W/"44a668c7782385d57a1f5d6eb127b0d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=300, public
access-control-allow-credentials
false
x-amz-version-id
null
cf-request-id
0993c2350800006455f2315000000001
cf-ray
64330634d9596455-FRA
expires
Wed, 21 Apr 2021 02:05:20 GMT
7604195.js
js.hs-banner.com/
60 KB
14 KB
Script
General
Full URL
https://js.hs-banner.com/7604195.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e74e9bb02cd2091d66b675370400d4844280b070e6cc29a99ba0c907c1142d6

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-amz-request-id
RW6T12M8NS9HKM93
x-amz-server-side-encryption
AES256
content-type
text/javascript; charset=UTF-8
access-control-max-age
604800
x-amz-id-2
66a5lY0DkUY8jiwbdOEljQFG+lNDwAacR1xoMa8nHeorQV/XznZaTkU/DNjFTriYdu5jGpQS65s=
timing-allow-origin
*
last-modified
Thu, 18 Mar 2021 23:26:43 GMT
server
cloudflare
etag
W/"9e63c35d86c70c0afce3fd51a9668df1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id
pCOiz1V6YpBSgGs63M45yKT2Yy.6LaTL
access-control-allow-origin
https://homebuyer.com
access-control-expose-headers
x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control
max-age=300, public
access-control-allow-credentials
true
cf-request-id
0993c2350800003233ce9da000000001
cf-ray
64330634dd953233-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires
Wed, 21 Apr 2021 02:06:24 GMT
conversations-embed.js
js.usemessages.com/
81 KB
19 KB
Script
General
Full URL
https://js.usemessages.com/conversations-embed.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:eccc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66b859e44bf544ebacbbacdba9c631e59d37c2e9b33dc74049f14f89f85d8e27

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
via
1.1 077b94dab77b8114aebf503be197d7d9.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
261
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.8635/bundles/project.js&cfRay=6432ffd0d9854e5b-EWR
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0993c2350800002c527c89b000000001
last-modified
Fri, 16 Apr 2021 05:26:21 UTC
server
cloudflare
etag
W/"905f92bd025c060eee923c1f88846556"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
JH5QhT1RS0fjrACZdbAv6dA3Gd9Xn.G3
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
64330634dbec2c52-FRA
x-amz-cf-id
pqXyfU2dVICfChDjks5gGi1V20sgXOLk5Isa1_bvIzgEmZwZ6gkwog==
fb.js
js.hsadspixel.net/
5 KB
2 KB
Script
General
Full URL
https://js.hsadspixel.net/fb.js
Requested by
Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/7604195.js?integration=WordPress
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6811:71b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55033067922e578a3596f435a6d034c98149e115be96b30e8687111f2f9faf8f

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:23 GMT
via
1.1 c889e9448c63bb4bf9dd41fcb2250e09.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
105
x-amz-server-side-encryption
AES256
content-security-policy-report-only
frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=adsscriptloaderstatic/static-1.234/bundles/pixels-release.js&cfRay=643303a079d54a68-EWR
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-replication-status
COMPLETED
content-encoding
br
cf-request-id
0993c2350800003260a5b98000000001
last-modified
Tue, 20 Apr 2021 03:04:27 UTC
server
cloudflare
etag
W/"3fab7bdc08bb0f5cc00ffcfceb1bc85d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
dCYp57xNEAiwDhGzW5hxYrSWtjx3TTjo
cache-control
max-age=600
x-hs-cache-status
HIT
x-amz-cf-pop
IAD89-C3
cf-ray
64330634dc4c3260-FRA
x-amz-cf-id
2I00smBB3_tykJsCKY4H8coSITm7642xnoLcmomD-JTHYL8ckvB6RQ==
public
api.hubspot.com/livechat-public/v1/message/
0
0
Preflight
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=7604195&conversations-embed=static-1.8635&mobile=false&messagesUtk=5ad1f103a0cb4f78b6ea626ae3d7acfb&traceId=5ad1f103a0cb4f78b6ea626ae3d7acfb
Protocol
H2
Server
2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
x-hubspot-messages-uri
Origin
https://bidenhomebuyertaxcredit.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
content-type
text/plain; charset=utf-8
content-length
18
cf-ray
643306352c8a4eb6-FRA
access-control-allow-origin
https://bidenhomebuyertaxcredit.com
allow
HEAD,GET,OPTIONS
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
cf-cache-status
DYNAMIC
access-control-allow-credentials
false
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
cf-request-id
0993c2353500004eb6f239c000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-hubspot-correlation-id
ccf8d5bc-6e39-4333-bfc6-664093651f64
x-trace
2BEAFD14090022EDC21110F6373309353CDFA1447D000000000000000000
report-to
{"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CDCIY69yD4Us0oJ%2FKcgmbUj1Ll1LQBYGFahQFgbTOqxF50VJ27QPxH7g%2BJy9WsIMKsryG9LPiUh14jLubIz%2FaNbiIYQEijo1nLDoqSlGwopE3wI49vN%2F%2BxrG40Y%3D"}]}
nel
{"max_age":604800,"report_to":"cf-nel"}
server
cloudflare
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
public
api.hubspot.com/livechat-public/v1/message/
314 B
1 KB
XHR
General
Full URL
https://api.hubspot.com/livechat-public/v1/message/public?portalId=7604195&conversations-embed=static-1.8635&mobile=false&messagesUtk=5ad1f103a0cb4f78b6ea626ae3d7acfb&traceId=5ad1f103a0cb4f78b6ea626ae3d7acfb
Requested by
Host: js.usemessages.com
URL: https://js.usemessages.com/conversations-embed.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
012f5b9ea282a9a40c3aa922f379b1030841753bcbebdf4d3cbdb083ee3de32d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

X-HubSpot-Messages-Uri
https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://bidenhomebuyertaxcredit.com/

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"max_age":604800,"report_to":"cf-nel"}
x-hubspot-correlation-id
ea2ae571-fb57-4b10-8073-0a222d42bedd
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
243
cf-request-id
0993c235b8000005bff8b05000000001
server
cloudflare
x-trace
2B2628E9DD40B667666844D4FE74DB0539DBF65A61000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=riik0D2IpB7c8ZfC%2BAq4cx5z%2Bo0B6Y5oAE7OTtEwfCkTrUUgmnKbGWF7A2IOltJJnCHBKIR03%2FxJ56uAP1tzF59sR2%2Fwy3DpJKmZl5IbN%2FFt%2F2djJ26qkCnGIm4%3D"}],"max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bidenhomebuyertaxcredit.com
cache-control
no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials
false
cf-ray
64330635fff305bf-FRA
access-control-allow-headers
Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/?random=1618970484024&cv=9&fst=1618970484024&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&tiba=Biden%20Homebuyer%20Tax%20Credit&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c2a77361ae80ca1951cead4814c61f1a2758494b1dfa8556a1968d0371a5ece8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1044
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/475235330/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/475235330/?random=1618970484024&cv=9&fst=1618970400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&tiba=Biden%20Homebuyer%20Tax%20Credit&async=1&fmt=3&is_vtc=1&random=322527224&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 02:01:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/475235330/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/475235330/?random=1618970484024&cv=9&fst=1618970400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg472&sendb=1&frm=0&url=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&tiba=Biden%20Homebuyer%20Tax%20Credit&async=1&fmt=3&is_vtc=1&random=322527224&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: bidenhomebuyertaxcredit.com
URL: https://bidenhomebuyertaxcredit.com/wp-signup.php?new=www.25000housingcredit.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 02:01:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
api.hubapi.com/hs-script-loader-public/v1/config/pixel/
139 B
611 B
XHR
General
Full URL
https://api.hubapi.com/hs-script-loader-public/v1/config/pixel/json?portalId=7604195
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:cacc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb1503e38cbacef4bb2693805a627a82a35ffdf5993acae63c8fb1e6347ce0f3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id
3eb6eb22-ca11-4431-9d78-4c1c9a6e6161
access-control-allow-methods
GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
0993c236da000005b38786f000000001
server
cloudflare
x-trace
2B7179B8CD4365C4AB0BF778F773814A8B04CCA40D000000000000000000
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
180
report-to
{"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tnWODGrYElOZ73UAapaoNbWkzTnGP7WMvB%2B1oDpjL0zKylC%2Bj7CePhgTSiE385j3S6Alp%2FyJn8AsQBzmiFPmBjhe2mQnUp8poZehXFuD0IiMxTAMRCdMFt92Rg%3D%3D"}],"max_age":604800}
content-type
application/json;charset=utf-8
access-control-allow-origin
https://bidenhomebuyertaxcredit.com
access-control-allow-credentials
false
cf-ray
64330637cc1405b3-FRA
access-control-allow-headers
*
js
www.googletagmanager.com/gtag/
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-475235330
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
375e6b39f98ee50b4ced39b19c34d5cdb3d535762c4ce8f7cd18ae40f21bad16
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34047
x-xss-protection
0
last-modified
Wed, 21 Apr 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 21 Apr 2021 02:01:24 GMT
fbevents.js
connect.facebook.net/en_US/
92 KB
24 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
23963
x-fb-rlafr
0
pragma
public
x-fb-debug
ixrKlH6COUbvV3vWqw6ln3ef+4YwQTOEV7I7djvXxxXDHIt25u3eZKkONrj/FWt5R41ApbbTcztc1rnMNbA6ag==
x-fb-trip-id
1679558926
x-frame-options
DENY
date
Wed, 21 Apr 2021 02:01:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/
35 KB
14 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-475235330
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f2.1e100.net
Software
cafe /
Resource Hash
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13836
x-xss-protection
0
server
cafe
etag
11500755331297449547
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 21 Apr 2021 02:01:24 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/475235330/?random=1618970484656&cv=9&fst=1618970484656&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&tiba=Biden%20Homebuyer%20Tax%20Credit&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c608771479883c67e985f82d30930410c0470f7e6ee260576ad87ec32c1a1160
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 02:01:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1071
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/475235330/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/475235330/?random=1618970484656&cv=9&fst=1618970400000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&tiba=Biden%20Homebuyer%20Tax%20Credit&async=1&fmt=3&is_vtc=1&random=708246488&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 02:01:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/475235330/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/475235330/?random=1618970484656&cv=9&fst=1618970400000&num=1&bg=ffffff&guid=ON&eid=2505059650&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&tiba=Biden%20Homebuyer%20Tax%20Credit&async=1&fmt=3&is_vtc=1&random=708246488&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 21 Apr 2021 02:01:24 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
717511265089849
connect.facebook.net/signals/config/
254 KB
72 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/717511265089849?v=2.9.39&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
52f9488345c5da4c4eba00afe1abadb049a29851a987bf7f82774a257f85e537
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
74100
x-fb-rlafr
0
pragma
public
x-fb-debug
bUd+FK71Q5DXkkIymiFVceXtcDmy7RY0/iRKxIHfKPDpfNYV9YxK0doqZiz5yaNOkzaCYLdvb0QkBDUApnoUgg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
date
Wed, 21 Apr 2021 02:01:24 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
297 B
Image
General
Full URL
https://www.facebook.com/tr/?id=717511265089849&ev=PageView&dl=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&rl=&if=false&ts=1618970484820&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmhubspot&ec=0&o=30&fbp=fb.1.1618970484818.923188512&it=1618970484705&coo=false&dpo=LDU&dpoco=0&dpost=0&exp=s1&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:24 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 21 Apr 2021 02:01:24 GMT
/
www.facebook.com/tr/
44 B
88 B
Image
General
Full URL
https://www.facebook.com/tr/?id=717511265089849&ev=Microdata&dl=https%3A%2F%2Fbidenhomebuyertaxcredit.com%2Fwp-signup.php%3Fnew%3Dwww.25000housingcredit.com&rl=&if=false&ts=1618970486323&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Biden%20Homebuyer%20Tax%20Credit%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmhubspot&ec=1&o=30&fbp=fb.1.1618970484818.923188512&it=1618970484705&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&exp=s1&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bidenhomebuyertaxcredit.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Apr 2021 02:01:26 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Wed, 21 Apr 2021 02:01:26 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| dataLayer undefined| $ function| jQuery object| _hsq object| hbspt function| WPO_Intersection_Observer object| WPO_LazyLoad object| leadin_wordpress number| uidEvent object| bootstrap object| wp object| google_tag_manager object| google_tag_data object| _hsp boolean| PIXELS_RAN boolean| hubspot_live_messages_running object| HubSpotConversations function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| _paq function| sanitizeKey boolean| _hstc_loaded boolean| _hspb_loaded boolean| _hstc_ran string| __hsUserToken boolean| _hspb_ran function| fbq function| _fbq

6 Cookies

Domain/Path Name / Value
bidenhomebuyertaxcredit.com/ Name: hubspotutk
Value: 7c72fe096839b4cf46c23d3cdc9ab50b
bidenhomebuyertaxcredit.com/ Name: __hstc
Value: 171437887.7c72fe096839b4cf46c23d3cdc9ab50b.1618970484436.1618970484436.1618970484436.1
bidenhomebuyertaxcredit.com/ Name: __hssrc
Value: 1
.bidenhomebuyertaxcredit.com/ Name: _gcl_au
Value: 1.1.608672093.1618970484
bidenhomebuyertaxcredit.com/ Name: __hssc
Value: 171437887.1.1618970484436
.bidenhomebuyertaxcredit.com/ Name: __cfduid
Value: d65a9135ad3b8c8d2d7000e322e57733f1618970483

1 Console Messages

Source Level URL
Text
console-api log URL: https://bidenhomebuyertaxcredit.com/wp-content/cache/wpo-minify/1617899830/assets/wpo-minify-header-84e60a2d.min.js(Line 5)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.hubapi.com
api.hubspot.com
bidenhomebuyertaxcredit.com
connect.facebook.net
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
js.usemessages.com
www.25000housingcredit.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.23.98
2606:4700:3034::6815:258d
2606:4700:3035::ac43:d129
2606:4700::6811:44b0
2606:4700::6811:71b0
2606:4700::6811:cacc
2606:4700::6811:d6cc
2606:4700::6811:eccc
2606:4700::6812:14bf
2606:4700::6813:9a53
2606:4700::6813:9b53
2a00:1450:4001:800::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2004
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
35.203.160.159
000d68b50c35f9820e99e1bc991e80a070133413060d6af0011bf9c7df3fd76c
012f5b9ea282a9a40c3aa922f379b1030841753bcbebdf4d3cbdb083ee3de32d
0ce832c0ec78471f5945c12b9ddf8534f60d0d5a3d43f1ed108a09bcc24ef58b
0d0f214d12ef81092bb568b524c63e6afe3484b3800c278b85b02bd29f3529e8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14aa33389b6e69c041aac24d4c5280a70f6b1231f014728737042f118f1af22e
1a8bc2ff14c32714cbf0dae8a0d4913eda0305acbe7019242cac29ba1e25dfa5
279b7a2ab63b28f8ead2c6ad786a8dfa1fb0b871019ab36dda8f31dfaa88998a
375e6b39f98ee50b4ced39b19c34d5cdb3d535762c4ce8f7cd18ae40f21bad16
4e74e9bb02cd2091d66b675370400d4844280b070e6cc29a99ba0c907c1142d6
52f9488345c5da4c4eba00afe1abadb049a29851a987bf7f82774a257f85e537
55033067922e578a3596f435a6d034c98149e115be96b30e8687111f2f9faf8f
66b859e44bf544ebacbbacdba9c631e59d37c2e9b33dc74049f14f89f85d8e27
7c62a731eb1fd603aab053a50dd4feb8075b40c21a9b19e4bc6c9b6f738132a7
84e2dd6e465bec8274522b241ad169923175baed568e47ced2cc9107df072015
98e6165f4ca935ed2cd034d3f71ed277bfa1b20b684fb180a7935d2c4b853bf4
c2a77361ae80ca1951cead4814c61f1a2758494b1dfa8556a1968d0371a5ece8
c608771479883c67e985f82d30930410c0470f7e6ee260576ad87ec32c1a1160
cb1503e38cbacef4bb2693805a627a82a35ffdf5993acae63c8fb1e6347ce0f3
cf171bd7111b4544011df346f16e273c797e0f22870648f1b54bb3b8e4d68b6c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ffc497c3dc40884e926c7d62b354994157e112300de2f1f4932b4417732411e5