urlscan.io logo urlscan.io
SecurityTrails logo

act-now.workmoney.org Open in urlscan Pro
2606:4700:10::ac43:1e28  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wkm.fm/EX22Y
Effective URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Submission: On July 08 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 18 domains to perform 34 HTTP transactions. The main IP is 2606:4700:10::ac43:1e28, located in United States and belongs to CLOUDFLARENET, US. The main domain is act-now.workmoney.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2021. Valid for: a year.
This is the only time act-now.workmoney.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 13.225.87.4 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 13.224.193.44 16509 (AMAZON-02)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2600:9000:21f... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 13.225.84.223 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.22.247.80 14618 (AMAZON-AES)
1 167.99.135.134 14061 (DIGITALOC...)
3 2a03:2880:f02... 32934 (FACEBOOK)
2 13.225.87.76 16509 (AMAZON-02)
1 151.101.13.44 54113 (FASTLY)
1 2.18.234.190 16625 (AKAMAI-AS)
1 13.225.87.90 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 70.42.32.31 22075 (AS-OUTBRAIN)
1 13.224.193.31 16509 (AMAZON-02)
2 35.186.226.184 15169 (GOOGLE)
1 13.224.193.12 16509 (AMAZON-02)
2 2a03:2880:f12... 32934 (FACEBOOK)
34 23
2    13.225.87.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-4.fra2.r.cloudfront.net
wkm.fm
1    2606:4700:10::ac43:1e28 (United States)

ASN13335 (CLOUDFLARENET, US)
act-now.workmoney.org
2    13.224.193.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-44.fra2.r.cloudfront.net
builder-assets.unbounce.com
1    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
2    2600:9000:21f3:600:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    13.225.84.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-223.fra2.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    23.22.247.80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-247-80.compute-1.amazonaws.com
events.ub-analytics.com
1    167.99.135.134 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)
geoip-db.com
3    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    13.225.87.76 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-76.fra2.r.cloudfront.net
static.hotjar.com
1    151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.taboola.com
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    13.225.87.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-90.fra2.r.cloudfront.net
sc-static.net
3    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
1    13.224.193.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-31.fra2.r.cloudfront.net
script.hotjar.com
2    35.186.226.184 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
1    13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net
vars.hotjar.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Domain Requested by
4 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net act-now.workmoney.org
connect.facebook.net
2 www.facebook.com act-now.workmoney.org
2 tr.snapchat.com act-now.workmoney.org
2 tr.outbrain.com amplify.outbrain.com
act-now.workmoney.org
2 static.hotjar.com act-now.workmoney.org
www.googletagmanager.com
2 d9hhrg4mnvzow.cloudfront.net act-now.workmoney.org
2 d34qb8suadcc4g.cloudfront.net act-now.workmoney.org
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com act-now.workmoney.org
2 wkm.fm 2 redirects
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 sc-static.net www.googletagmanager.com
1 amplify.outbrain.com www.googletagmanager.com
1 cdn.taboola.com www.googletagmanager.com
1 geoip-db.com act-now.workmoney.org
1 events.ub-analytics.com act-now.workmoney.org
1 fonts.googleapis.com builder-assets.unbounce.com
1 www.googletagmanager.com act-now.workmoney.org
1 code.jquery.com act-now.workmoney.org
1 act-now.workmoney.org
34 22

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-06 -
2022-07-05		 a year crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
jquery.org
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-10-16		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.ub-analytics.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
geoip-db.com
R3		 2021-05-27 -
2021-08-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-02-15		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
tr.snapchat.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-19 -
2022-01-23		 a year crt.sh

This page contains 3 frames:

Primary Page: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Frame ID: 199B086E3001B1DD0A362A93495C3091
Requests: 34 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=c52aa0e9-af35-416c-b776-64389a178d7d
Frame ID: 37A20B75AA5EC5175197C24D5A229CB1
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: 4A0877670BC08819F3BBB8EB6945BCF0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://wkm.fm/EX22Y HTTP 301
    https://wkm.fm/EX22Y HTTP 301
    https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

34
Requests

97 %
HTTPS

43 %
IPv6

18
Domains

22
Subdomains

23
IPs

3
Countries

895 kB
Transfer

1887 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wkm.fm/EX22Y HTTP 301
    https://wkm.fm/EX22Y HTTP 301
    https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
act-now.workmoney.org/wm-child-tax-credit-calculator/
Redirect Chain
  • http://wkm.fm/EX22Y
  • https://wkm.fm/EX22Y
  • https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
69 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1e28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b875e85ee6634c19d97eb8bde1a2d5109eaf2be356ee0227608f66122fb84ce6

Request headers

:method
GET
:authority
act-now.workmoney.org
:scheme
https
:path
/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:28 GMT
content-type
text/html; charset=UTF-8
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
f64ed3ff-275c-4fc7-a320-1a1e45a83e58
last-modified
Fri, 02 Jul 2021 14:59:33 GMT
x-unbounce-visitorid
65798c5c-36c9-4df2-8ae1-5420a7155541
x-unbounce-variant
a
content-location
https://act-now.workmoney.org/wm-child-tax-credit-calculator/
link
<https://act-now.workmoney.org/wm-child-tax-credit-calculator/>; rel="canonical"
set-cookie
ubpv=a%2Cf64ed3ff-275c-4fc7-a320-1a1e45a83e58; Max-Age=15897600; Expires=Sat, 08 Jan 2022 19:19:28 GMT; Path=/wm-child-tax-credit-calculator/; SameSite=Lax ubvs=65798c5c-36c9-4df2-8ae1-5420a7155541; Max-Age=15552000; Expires=Tue, 04 Jan 2022 19:19:28 GMT; Path=/; SameSite=Lax ubvt=65798c5c-36c9-4df2-8ae1-5420a7155541; Max-Age=259200; Expires=Sun, 11 Jul 2021 19:19:28 GMT; Path=/; Domain=workmoney.org; SameSite=Lax
x-proxy-backend
page-server
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
66bbaa135ebb1766-FRA
content-encoding
gzip

Redirect headers

content-type
application/json
content-length
0
location
https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
date
Thu, 08 Jul 2021 19:19:28 GMT
x-amzn-requestid
57a295c4-5afc-4c69-8e6e-f2f3e1fad63c
x-amz-apigw-id
CKlmFESVIAMFVZw=
x-amzn-trace-id
Root=1-60e74fc0-110a1aa563bb55d141c1ac09;Sampled=0
x-cache
Miss from cloudfront
via
1.1 6fa33d47af6f4da7007689083cfe9b9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
ZZR8pen0rvJJvLiKdm8eoekxwYgUQdYcT4yxxaP-99x_U9bcsvcWxQ==
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
13284431
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
5FDGIClkKNCYjuppBy9tX-hdz6hSAkCpcpnxTcCBlg3wJ4gWyw_Ztg==
jquery-1.12.4.min.js
code.jquery.com/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.12.4.min.js
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:28 GMT
content-encoding
gzip
last-modified
Fri, 20 May 2016 17:18:54 GMT
server
nginx
etag
W/"573f46fe-17b8b"
vary
Accept-Encoding
x-hw
1625771968.dop205.fr8.t,1625771968.cds262.fr8.hn,1625771968.cds167.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33738
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 00:38:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
5769651
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
LSrlCH9BC3UzDFe_AytzJmrEXwgINzUH00N53IIJ8bOAreGWeUCbuw==
main.bundle-fed11df.z.js
builder-assets.unbounce.com/published-js/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 06 May 2021 20:57:02 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 18:27:02 GMT
server
AmazonS3
age
5437347
etag
"02427a0829fed4e24e9864e2f6f1d669"
x-cache
Hit from cloudfront
x-amz-version-id
PY5jXkWzij7RMiymy035twJKn1QV7eth
via
1.1 eb83e7e264681d87a86c9b6a2159e502.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33154
x-amz-cf-id
Gx7G4uCF8sLdUdBa7_UZYR7jGkV1hKyRjTrBr5RvRk81e6tvvFGTkw==
gtm.js
www.googletagmanager.com/ 		283 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb52433f9007d17b3b47c963269ec40f032be0b22976b232db591b4eec938c33
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:28 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75039
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 18:17:25 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Jul 2021 19:19:28 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
truncated
/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a00a892d672aef37634dc5a4e43fd9dc1cf394a0ecae400423a2965ba097048

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
img/png
f9905b54-image.png
d9hhrg4mnvzow.cloudfront.net/act-now.workmoney.org/wm-child-tax-credit-calculator/ 		388 KB
389 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/act-now.workmoney.org/wm-child-tax-credit-calculator/f9905b54-image.png
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-223.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4b75a79b1ea17eed2cb623de25aae4484b9be96b23d532c6fc28b9c697f414ad

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 15:08:49 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified
Fri, 02 Jul 2021 14:59:33 GMT
server
AmazonS3
age
187840
etag
"2c9c8d6f534453dcad970a6c138128e6"
x-cache
Hit from cloudfront
x-amz-version-id
DYaC2TKa3__nTIkDUvUe5wJYWv5Re45m
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
397643
x-amz-cf-id
u4T14j__GVx7v0ynp5sG6QTxel6jt-HIYpJC1sHgwBucu47jYuWxsA==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
10871934
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
BW-kDChLJLaLKH4WAwyz6Pb6am2uvHCSW0Tf_BEFwgQqNzR6MvQ7Hw==
3efafe34-0de1-48bd-85b5-060f3db70172
https://act-now.workmoney.org/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://act-now.workmoney.org/3efafe34-0de1-48bd-85b5-060f3db70172
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		4 KB
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:600,500,regular,700
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa81b5e4f963094a1cfe0a07f0ff3385c7f79513974c1023d34df795b9f9834f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 08 Jul 2021 19:19:28 GMT
server
ESF
date
Thu, 08 Jul 2021 19:19:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 08 Jul 2021 19:19:28 GMT
df2c550e-shutterstock-1679445391_10fa0a7000000000000028.jpg
d9hhrg4mnvzow.cloudfront.net/act-now.workmoney.org/wm-child-tax-credit-calculator/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/act-now.workmoney.org/wm-child-tax-credit-calculator/df2c550e-shutterstock-1679445391_10fa0a7000000000000028.jpg
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-223.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d3ad4dcf953a384ee63ef52dee465fbe09e88a667d38ac5aae9cb69c87266760

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 07:59:57 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
last-modified
Fri, 02 Jul 2021 14:59:33 GMT
server
AmazonS3
age
40772
etag
"9210a1485c65e3b0ef8fe8dcab1c6883"
x-cache
Hit from cloudfront
x-amz-version-id
OPmPNsOrFGtt5eiLNPfS14sTUIbQkKU5
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
content-length
38514
x-amz-cf-id
J_FeTq0q938cXwpBAzs2daoF-uvO2j1RHNx3vCtqDxXl78rEd3nNdQ==
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1625771968828&e=pv&url=https%3A%2F%2Fact-now.workmoney.org%2Fwm-child-tax-credit-calculator%2F%3Fhashid%3Dbd6ed5899a72278dfa186fd21469535b&page=Child%20Tax%20Credit%20Calculator%2C%20June%202021&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=Europe%2FBerlin&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&eid=3e06b82d-c07e-488d-b964-aa606d83629a&dtm=1625771968827&vp=1600x1200&ds=1600x2156&vid=1&sid=316898fa-8515-4a68-84a3-0bf57225bd9d&duid=f6dafc14-92e2-463a-b2cc-1fb18e7ff12c&uid=65798c5c-36c9-4df2-8ae1-5420a7155541&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiZjY0ZWQzZmYtMjc1Yy00ZmM3LWEzMjAtMWExZTQ1YTgzZTU4IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.22.247.80 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-23-22-247-80.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Jul 2021 19:19:29 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
/
geoip-db.com/json/ 		152 B
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geoip-db.com/json/
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
167.99.135.134 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
836869fb025f0a71f54941ca82653aa728f8a7e7cded3ba30ade07ba20283dac

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Jul 2021 19:19:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
content-type
text/html; charset=UTF-8
fbevents.js
connect.facebook.net/en_US/ 		95 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
ArHndIegEyWzrc9GFw6SoudWMzM3/z4WBJFlM+0KXEjbZ4q60PQ93Bpma/8gWlrR7HrxNtcxCHuLcScIK9t4mQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Thu, 08 Jul 2021 19:19:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-1764592.js
static.hotjar.com/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1764592.js?sv=6
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-76.fra2.r.cloudfront.net
Software
/
Resource Hash
34375fa0d54d65b1c90ba110e6a1755c96aee43cc8b76b959e53c47c4c9d3cc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:28 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/c0ae62989b35d10aa5de938a725770fe
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
rgSeBK5UanfULCAM2L5y_qcA5PPpVugOh5prJZIZuFgkay9vYuNGmw==
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
hotjar-1764592.js
static.hotjar.com/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1764592.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-76.fra2.r.cloudfront.net
Software
/
Resource Hash
34375fa0d54d65b1c90ba110e6a1755c96aee43cc8b76b959e53c47c4c9d3cc2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:28 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/c0ae62989b35d10aa5de938a725770fe
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-id
w39difPeznD1ONSdGSf_7K08B-ZwsRFoBSNXWOUoDbqT7o3UTiwcIA==
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
tfa.js
cdn.taboola.com/libtrc/unip/1301021/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1301021/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
076416ab017d58da8cffe442c9114b7985e04e74f53f63ec66b5a4426ab4d675

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
DBHV.wdsm4dJkWwlAPW2HVSsjITln9Ao
content-encoding
gzip
etag
"35c802ab81541a2fd1bdd406acba2cb5"
age
16817
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
23470
x-amz-id-2
QNgcwzgvu9JgSkNIvVda9M/31F0wHI1D4LLeSsRP9H9bI1okc2Rn6Ld6K7iBUYDU+FkeFZB9zo4=
x-served-by
cache-fra19136-FRA
last-modified
Wed, 16 Jun 2021 10:23:21 GMT
server
AmazonS3
x-timer
S1625771969.869860,VS0,VE1
date
Thu, 08 Jul 2021 19:19:28 GMT
vary
Accept-Encoding
x-amz-request-id
CHHW5XKEBY4AX1TQ
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
55
x-cache-hits
1
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 19:19:28 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 09:47:31 GMT
Server
AkamaiNetStorage
ETag
"fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3100
Expires
Thu, 08 Jul 2021 19:39:28 GMT
scevent.min.js
sc-static.net/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-90.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:28 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA2-C2
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
5720
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-id
8WJM7_JnxS2h3ZKLI16iXC6Ob6K_LHJ8VRM0Xjywp20-aLBS1EB69w==
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,500,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://act-now.workmoney.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 10:54:40 GMT
x-content-type-options
nosniff
age
203088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 10:54:40 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,500,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://act-now.workmoney.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 06:26:54 GMT
x-content-type-options
nosniff
age
219154
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 06:26:54 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,500,regular,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://act-now.workmoney.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 08:28:21 GMT
x-content-type-options
nosniff
age
211867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 08:28:21 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:600,500,regular,700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://act-now.workmoney.org
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 02:29:22 GMT
x-content-type-options
nosniff
age
233406
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 02:29:22 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKDNJ65
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6823
date
Thu, 08 Jul 2021 17:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Thu, 08 Jul 2021 19:25:45 GMT
identity.js
connect.facebook.net/signals/plugins/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/plugins/identity.js?v=2.9.43
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
4673
x-xss-protection
0
pragma
public
x-fb-debug
nNy/gyaA7+QFNUrVepTqdU2eh4n8pxfe2Amwt43TLzzfUxpYbPZ4EhwcU/d9Sr3sqrMDMBVyoXBr+5eRUqSp0w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Jul 2021 19:19:28 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
996986220718083
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/996986220718083?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
dd1da2c5ebf62180fd82a2958ac2c65fa76a6c35e9238168e88ac9569ab2f386
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
h4qYGXkyVd3Zce3aRJ5xXPRUYBM5oBzmjAaEayhu30muIqsRR7+G0mFdrKf7J2dgUHXzgv4yMZHDexevur4yAw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Thu, 08 Jul 2021 19:19:29 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00261b5aeed51dfaa49f13810f2c2f822f
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 19:19:29 GMT
content-encoding
gzip
X-TraceId
92b7f43f34e4e555a00b0aa16c3d7bb8
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00261b5aeed51dfaa49f13810f2c2f822f&obApiVersion=1.0-gtm&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fact-now.workmoney.org%2Fwm-child-tax-credit-calculator%2F%3Fhashid%3Dbd6ed5899a72278dfa186fd21469535b&optOut=false&bust=05049471369734015
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 08 Jul 2021 19:19:29 GMT
Cache-Control
no-cache
X-TraceId
d51e896a5a03f68f9bfbd40cb11946e0
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
modules.c057a0a680ba2bae7796.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.c057a0a680ba2bae7796.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1764592.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-31.fra2.r.cloudfront.net
Software
/
Resource Hash
cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 07:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
129684
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59054
access-control-allow-origin
*
last-modified
Wed, 07 Jul 2021 07:17:15 GMT
etag
"c4474e0a67f74d83e41d7cfcecc9929f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
AffPTc9GiX4Pzh01__yBLdKikxku777T0uHa2ad9dBM4_YYP4JwiRw==
i
tr.snapchat.com/cm/ Frame 37A2 		0
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=c52aa0e9-af35-416c-b776-64389a178d7d
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=c52aa0e9-af35-416c-b776-64389a178d7d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://act-now.workmoney.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://act-now.workmoney.org/

Response headers

server
nginx/1.17.3
date
Thu, 08 Jul 2021 19:19:29 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p
tr.snapchat.com/ 		68 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.snapchat.com/p?pid=c52aa0e9-af35-416c-b776-64389a178d7d&ev=PAGE_VIEW&pl=https%3A%2F%2Fact-now.workmoney.org%2Fwm-child-tax-credit-calculator%2F%3Fhashid%3Dbd6ed5899a72278dfa186fd21469535b&ts=1625771968983&rf=&v=1.5&if=false&bt=__LIVE__&intg=gtm&u_c1=623f6ee0-6c44-4e82-a001-1280920c1af0&m_sl=809&m_rd=827&m_pi=626&m_ic=0
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:29 GMT
via
1.1 google
server
nginx/1.17.3
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, no-transform
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame 4A08 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1764592.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-12.fra2.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://act-now.workmoney.org/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://act-now.workmoney.org/

Response headers

content-type
text/html
content-length
1044
date
Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 2bbba694ff55d664208103e9c25dce14.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
kDB-Dit7KYiH2N4MDMyWO91EHI7fTNBgStRfQw1VLQ1PXieZz1Mzfg==
age
342946
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=996986220718083&ev=PageView&dl=https%3A%2F%2Fact-now.workmoney.org%2Fwm-child-tax-credit-calculator%2F%3Fhashid%3Dbd6ed5899a72278dfa186fd21469535b&rl=&if=false&ts=1625771969053&sw=1600&sh=1200&ud[uid]=_kqvanjnubbkrs2dva&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625771969052.810268250&it=1625771968893&coo=false&rqm=GET
Requested by
Host: act-now.workmoney.org
URL: https://act-now.workmoney.org/wm-child-tax-credit-calculator/?hashid=bd6ed5899a72278dfa186fd21469535b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 08 Jul 2021 19:19:29 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=996986220718083&ev=Microdata&dl=https%3A%2F%2Fact-now.workmoney.org%2Fwm-child-tax-credit-calculator%2F%3Fhashid%3Dbd6ed5899a72278dfa186fd21469535b&rl=&if=false&ts=1625771969556&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Child%20Tax%20Credit%20Calculator%2C%20June%202021%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Child%20Tax%20Credit%20Calculator%2C%20June%202021%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fd9hhrg4mnvzow.cloudfront.net%2Fact-now.workmoney.org%2Fpetition%2Fpass-another-stimulus%2Ff3568342-og-general.jpg%22%2C%22og%3Adescription%22%3A%22WorkMoney%20is%20here%20to%20help%20you%20find%20your%20stimulus%20benefits.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&ud[uid]=_kqvanjnubbkrs2dva&v=2.9.43&r=stable&ec=1&o=30&fbp=fb.1.1625771969052.810268250&it=1625771968893&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://act-now.workmoney.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 19:19:29 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
expires
Thu, 08 Jul 2021 19:19:29 GMT

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| ub object| dataLayer function| $ function| jQuery object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| google_tag_manager function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_data function| Cookies boolean| productionMode boolean| DEBUG_MODE function| exactiulog object| clientSettings object| StandardFBEvents number| currDate function| getUrlVars function| extend function| ID function| isDefined function| userAgent function| userBrowser function| makeRequest undefined| reportingService function| fbq function| _fbq function| hj object| _hjSettings object| dataLayerService function| trySelectorMatch object| __tfa_pixel_init object| _tfa function| obApi function| obTag function| snaptr function| postAjaxCall string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError boolean| triedToSendCookieToNative object| WebJSBridge object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules string| pageName

16 Cookies

Domain/Path Name / Value
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiREAIQgDwIqYEZXElONzVEHxt7sGpYuw3Dg2h55tzDTiC62kGrzK0YN0QdV+W1ZhpDIAAAA=
act-now.workmoney.org/ Name: outbrain_cid_fetch
Value: true
.workmoney.org/ Name: _hjFirstSeen
Value: 1
.workmoney.org/ Name: _hjid
Value: 60baf83c-16f0-49c4-9315-e22e0703b63d
.workmoney.org/ Name: _hjTLDTest
Value: 1
.workmoney.org/ Name: _scid
Value: 623f6ee0-6c44-4e82-a001-1280920c1af0
act-now.workmoney.org/ Name: EX.WOMO.context
Value: {%22uid%22:%22_kqvanjnubbkrs2dva%22%2C%22IP%22:%22185.216.34.99%22}
act-now.workmoney.org/ Name: ubvs
Value: 65798c5c-36c9-4df2-8ae1-5420a7155541
.act-now.workmoney.org/ Name: _gaclientid
Value: 279397143.1625771969
.workmoney.org/ Name: _gid
Value: GA1.2.692797704.1625771969
.workmoney.org/ Name: _ga
Value: GA1.2.279397143.1625771969
act-now.workmoney.org/wm-child-tax-credit-calculator/ Name: ubpv
Value: a%2Cf64ed3ff-275c-4fc7-a320-1a1e45a83e58
act-now.workmoney.org/ Name: clientId
Value: false
.workmoney.org/ Name: _gcl_au
Value: 1.1.949635524.1625771969
.workmoney.org/ Name: ubvt
Value: 65798c5c-36c9-4df2-8ae1-5420a7155541
.workmoney.org/ Name: _fbp
Value: fb.1.1625771969052.810268250

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 24)
Message:
[Facebook Pixel] - Duplicate Pixel ID: 996986220718083.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

act-now.workmoney.org
amplify.outbrain.com
builder-assets.unbounce.com
cdn.taboola.com
code.jquery.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
geoip-db.com
sc-static.net
script.hotjar.com
static.hotjar.com
tr.outbrain.com
tr.snapchat.com
vars.hotjar.com
wkm.fm
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
13.224.193.12
13.224.193.31
13.224.193.44
13.225.84.223
13.225.87.4
13.225.87.76
13.225.87.90
151.101.13.44
167.99.135.134
2.18.234.190
2001:4de0:ac18::1:a:1a
23.22.247.80
2600:9000:21f3:600:1d:11cf:5800:93a1
2606:4700:10::ac43:1e28
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.186.226.184
70.42.32.31
023e64b862c4d75dd3390eda64f830ce73e3d8c689d30fff89dec507ccabb780
076416ab017d58da8cffe442c9114b7985e04e74f53f63ec66b5a4426ab4d675
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
34375fa0d54d65b1c90ba110e6a1755c96aee43cc8b76b959e53c47c4c9d3cc2
3bea34f20c813024f046166fb0ad98a8eb93d5ab93052ceb993eee238ece5b66
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
4b75a79b1ea17eed2cb623de25aae4484b9be96b23d532c6fc28b9c697f414ad
5a00a892d672aef37634dc5a4e43fd9dc1cf394a0ecae400423a2965ba097048
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
836869fb025f0a71f54941ca82653aa728f8a7e7cded3ba30ade07ba20283dac
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b875e85ee6634c19d97eb8bde1a2d5109eaf2be356ee0227608f66122fb84ce6
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb52433f9007d17b3b47c963269ec40f032be0b22976b232db591b4eec938c33
cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd
d3ad4dcf953a384ee63ef52dee465fbe09e88a667d38ac5aae9cb69c87266760
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
dd1da2c5ebf62180fd82a2958ac2c65fa76a6c35e9238168e88ac9569ab2f386
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fa81b5e4f963094a1cfe0a07f0ff3385c7f79513974c1023d34df795b9f9834f
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3