apply.taxfreshstartinitiative.com Open in urlscan Pro
54.197.224.139 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://apply.taxfreshstartinitiative.com/
Submission Tags: @phishunt_io
Submission: On October 07 via api (October 7th 2022, 11:29:08 pm UTC) from DE — Scanned from DE

Summary HTTP 95 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 45 IPs in 5 countries across 36 domains to perform 95 HTTP transactions. The main IP is 54.197.224.139, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is apply.taxfreshstartinitiative.com.
TLS certificate: Issued by R3 on October 7th 2022. Valid for: 3 months.

This is the only time apply.taxfreshstartinitiative.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	54.197.224.139 54.197.224.139	14618 (AMAZON-AES) (AMAZON-AES)
8	65.9.66.107 65.9.66.107	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:20:... 2606:4700:20::681a:6ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	51.91.31.155 51.91.31.155	16276 (OVH) (OVH)
1	2606:4700:20:... 2606:4700:20::681a:2ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	99.86.4.75 99.86.4.75	16509 (AMAZON-02) (AMAZON-02)
3	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	205.234.175.175 205.234.175.175	30081 (CACHENETW...) (CACHENETWORKS)
3	54.156.135.114 54.156.135.114	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::ac43:2592	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:149b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2 6	2600:9000:206... 2600:9000:206f:7000:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:e365:4988:e8a7:3270	16509 (AMAZON-02) (AMAZON-02)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	99.86.4.11 99.86.4.11	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:62::84 2a04:4e42:62::84	54113 (FASTLY) (FASTLY)
1	18.66.120.247 18.66.120.247	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:8600:c:7d55:b3c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c08::9d	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223c:a600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
3	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	18.157.122.248 18.157.122.248	16509 (AMAZON-02) (AMAZON-02)
1	34.240.197.120 34.240.197.120	16509 (AMAZON-02) (AMAZON-02)
4	35.190.43.134 35.190.43.134	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2620:1ec:46::45 2620:1ec:46::45	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	65.9.66.6 65.9.66.6	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:214... 2600:9000:214f:3400:11:615:7240:93a1	16509 (AMAZON-02) (AMAZON-02)
2	52.224.31.34 52.224.31.34	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	20.234.93.27 20.234.93.27	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
95	45

1 54.197.224.139 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-224-139.compute-1.amazonaws.com

apply.taxfreshstartinitiative.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 65.9.66.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-107.fra56.r.cloudfront.net

static.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:6ba (United States)

ASN13335 (CLOUDFLARENET, US)

www.amcharts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.91.31.155 (Paris, France)

ASN16276 (OVH, FR)
PTR: ns3151945.ip-51-91-31.eu

blitz-brands.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:2ba (United States)

ASN13335 (CLOUDFLARENET, US)

app.getbeamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-75.fra6.r.cloudfront.net

polyfill.leadshook.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.234.175.175 (Lovettsville, United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net

cdn.ckeditor.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.156.135.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-135-114.compute-1.amazonaws.com

help.leadshook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::ac43:2592 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.user.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:149b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:7000:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-11.fra6.r.cloudfront.net

tag.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:62::84 (United States)

ASN54113 (FASTLY, US)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.120.247 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-120-247.fra60.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:8600:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:a600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.122.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com

lhcom.matomo.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.240.197.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-240-197-120.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:46::45 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-6.fra56.r.cloudfront.net

api.getdrip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:3400:11:615:7240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pxl.qccerttest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.224.31.34 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

h.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.234.93.27 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	leadshook.io static.leadshook.io — Cisco Umbrella Rank: 467807 polyfill.leadshook.io — Cisco Umbrella Rank: 551925	2 MB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 3652 d.adroll.com — Cisco Umbrella Rank: 2343	21 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 804 h.clarity.ms — Cisco Umbrella Rank: 6675 c.clarity.ms — Cisco Umbrella Rank: 1219	26 KB
6	user.com blitz-brands.user.com widget.user.com — Cisco Umbrella Rank: 131911	79 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 94 region1.google-analytics.com — Cisco Umbrella Rank: 2144	20 KB
5	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 358	52 KB
4	snapchat.com tr.snapchat.com — Cisco Umbrella Rank: 990	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 850 www.linkedin.com — Cisco Umbrella Rank: 840 px4.ads.linkedin.com — Cisco Umbrella Rank: 6680	4 KB
4	getdrip.com tag.getdrip.com — Cisco Umbrella Rank: 33602 api.getdrip.com — Cisco Umbrella Rank: 29893	33 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 665 c.bing.com — Cisco Umbrella Rank: 426	13 KB
3	pinterest.com ct.pinterest.com — Cisco Umbrella Rank: 1035	2 KB
3	matomo.cloud cdn.matomo.cloud — Cisco Umbrella Rank: 38297 lhcom.matomo.cloud	39 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1449 pixel.quantserve.com — Cisco Umbrella Rank: 683	11 KB
3	leadshook.com help.leadshook.com	30 KB
3	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4869	50 KB
3	amcharts.com www.amcharts.com — Cisco Umbrella Rank: 83546	288 KB
2	qccerttest.com pxl.qccerttest.com — Cisco Umbrella Rank: 1356	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 115	222 B
2	google.de www.google.de — Cisco Umbrella Rank: 3460	655 B
2	google.com www.google.com — Cisco Umbrella Rank: 19	655 B
2	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1200	1 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 171 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	2 KB
2	pinimg.com s.pinimg.com — Cisco Umbrella Rank: 1008	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 203	111 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	8 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 129	158 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 859	394 B
1	t.co t.co — Cisco Umbrella Rank: 550	376 B
1	sc-static.net sc-static.net — Cisco Umbrella Rank: 1038	9 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 967	15 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 1571	3 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	ckeditor.com cdn.ckeditor.com — Cisco Umbrella Rank: 39931	218 KB
1	getbeamer.com app.getbeamer.com — Cisco Umbrella Rank: 30029	20 KB
1	taxfreshstartinitiative.com apply.taxfreshstartinitiative.com	4 KB
95	36

	Domain	Requested by
8	static.leadshook.io	apply.taxfreshstartinitiative.com
6	s.adroll.com	2 redirects www.googletagmanager.com apply.taxfreshstartinitiative.com s.adroll.com
5	cdnjs.cloudflare.com	apply.taxfreshstartinitiative.com
4	tr.snapchat.com	browser.sentry-cdn.com apply.taxfreshstartinitiative.com sc-static.net
3	api.getdrip.com	tag.getdrip.com
3	ct.pinterest.com	browser.sentry-cdn.com apply.taxfreshstartinitiative.com s.pinimg.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com apply.taxfreshstartinitiative.com
3	www.google-analytics.com	www.googletagmanager.com apply.taxfreshstartinitiative.com
3	widget.user.com	blitz-brands.user.com
3	help.leadshook.com	apply.taxfreshstartinitiative.com static.leadshook.io browser.sentry-cdn.com
3	browser.sentry-cdn.com	apply.taxfreshstartinitiative.com
3	blitz-brands.user.com	apply.taxfreshstartinitiative.com browser.sentry-cdn.com
3	www.amcharts.com	apply.taxfreshstartinitiative.com
2	c.clarity.ms	1 redirects
2	h.clarity.ms	browser.sentry-cdn.com
2	pixel.quantserve.com	apply.taxfreshstartinitiative.com
2	pxl.qccerttest.com	apply.taxfreshstartinitiative.com
2	www.clarity.ms	bat.bing.com www.clarity.ms
2	www.facebook.com	apply.taxfreshstartinitiative.com
2	lhcom.matomo.cloud	cdn.matomo.cloud
2	www.google.de	apply.taxfreshstartinitiative.com
2	www.google.com	apply.taxfreshstartinitiative.com
2	rules.quantcount.com	secure.quantserve.com
2	region1.google-analytics.com	www.googletagmanager.com
2	px.ads.linkedin.com	2 redirects
2	s.pinimg.com	apply.taxfreshstartinitiative.com s.pinimg.com
2	connect.facebook.net	apply.taxfreshstartinitiative.com connect.facebook.net
2	fonts.googleapis.com	apply.taxfreshstartinitiative.com
2	www.googletagmanager.com	apply.taxfreshstartinitiative.com www.googletagmanager.com
1	c.bing.com	1 redirects
1	d.adroll.com	s.adroll.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	analytics.twitter.com	apply.taxfreshstartinitiative.com
1	t.co	apply.taxfreshstartinitiative.com
1	px4.ads.linkedin.com	apply.taxfreshstartinitiative.com
1	www.linkedin.com	1 redirects
1	stats.g.doubleclick.net	browser.sentry-cdn.com
1	cdn.matomo.cloud	apply.taxfreshstartinitiative.com
1	sc-static.net	apply.taxfreshstartinitiative.com
1	tag.getdrip.com	apply.taxfreshstartinitiative.com
1	static.ads-twitter.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	fonts.gstatic.com	fonts.googleapis.com
1	cdn.ckeditor.com	apply.taxfreshstartinitiative.com
1	polyfill.leadshook.io	apply.taxfreshstartinitiative.com
1	app.getbeamer.com	apply.taxfreshstartinitiative.com
1	apply.taxfreshstartinitiative.com
95	49

This site contains links to these domains. Also see Links.

Domain
www.leadshook.com

Subject Issuer	Validity	Valid
apply.taxfreshstartinitiative.com R3	`2022-10-07` - `2023-01-05`	3 months	crt.sh
leadshook.io Amazon	`2021-12-06` - `2023-01-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.user.com Certum Domain Validation CA SHA2	`2021-10-25` - `2022-10-25`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
cdn.ckeditor.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-14` - `2023-04-14`	a year	crt.sh
*.leadshook.com Amazon	`2022-08-25` - `2023-09-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2022-03-01` - `2023-03-01`	a year	crt.sh
s.adroll.com Amazon	`2022-07-03` - `2023-08-01`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2022-09-03` - `2023-03-03`	6 months	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-17` - `2022-10-15`	3 months	crt.sh
*.getdrip.com Amazon	`2022-01-28` - `2023-02-26`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-27` - `2023-01-27`	a year	crt.sh
cdn.matomo.cloud Amazon	`2021-12-28` - `2023-01-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.matomo.cloud Amazon	`2022-07-21` - `2023-08-19`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2022-08-10` - `2023-09-08`	a year	crt.sh
*.snap.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-08-16`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
qccerttest.com Amazon	`2022-04-04` - `2023-05-03`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://apply.taxfreshstartinitiative.com/
Frame ID: BAD5062F78865F5D7EF36B8C8C748365
Requests: 92 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=b43abd65-34a6-4097-a92e-d0f488acd807&u_scsid=21a88bae-f5b0-4717-8d22-802b3a4fa4f6&u_sclid=a0c3856e-14b1-48cf-9336-20e0998e67bf
Frame ID: 36A49908469B1BD1E68394C18DA28696
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: C27D9532775AAFAE58A507774202F4F1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

amCharts (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

amcharts.*\.js

AngularJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
\bangular.{0,32}\.js

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Highlight.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.])+/)?highlight(?:\.min)?\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

95
Requests

96 %
HTTPS

57 %
IPv6

36
Domains

49
Subdomains

45
IPs

5
Countries

2879 kB
Transfer

11401 kB
Size

40
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.leadshook.com/terms-of-use
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.leadshook.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234948%26time%3D1665185342686%26url%3Dhttps%253A%252F%252Fapply.taxfreshstartinitiative.com%252Flogin%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&liSync=true&e_ipv6=AQJPm5dz_7kg8AAAAYO0x-ZhKvbYS0rEmJNUQ1LcCd0Mm7cfmA_E8GPiMw9vAIWFGwGvxTNCBwvK

Request Chain 51

https://s.adroll.com/j/exp/2C3ORQAMZFDTZFOJQIRR3E/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 52

https://s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 88

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=916F9D2696BC4CF9A267A8177CB6E978&RedC=c.clarity.ms&MXFR=1745B6A42F9360011684A4922B936EF4 HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=916F9D2696BC4CF9A267A8177CB6E978&MUID=1AACCCC72EED656B0A7DDEF12F666491

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
apply.taxfreshstartinitiative.com/ 12 KB
4 KB 463ms
113ms Document
text/html 54.197.224.139
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.197.224.139 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-224-139.compute-1.amazonaws.com
Software: Caddy / Express
Resource Hash: 73cde7a77e806402c63e2d1a83e6d82cf1329dab8800cddbe043211ecc3689af

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 07 Oct 2022 23:29:01 GMT
etag: W/"2e40-siXaPJUcNbYLul4635AZoX4pCxo"
server: Caddy
vary: Accept-Encoding
x-powered-by: Express

GET
H2 200 d3fed649.frontend_vendor.css
static.leadshook.io/app/ 29 KB
5 KB 137ms
29ms Stylesheet
text/css 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 01:28:18 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 02:42:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 79244
etag: W/"d3fed6497d41e35427f8a3440db188fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: J1xMoXiJ4CmB_V3fclSALQwpiXHITVpdtI1-ovGASV-AVDyXDm9UAQ==

GET
H2 200 68c42db8.vendor.css
static.leadshook.io/app/ 70 KB
20 KB 263ms
156ms Stylesheet
text/css 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/68c42db8.vendor.css
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7fb5201761f6a4558eed23d12dad832422541f5ea4ed1dfce7ae1e3750bced9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 18:31:34 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 19:32:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 17848
etag: W/"68c42db8c7ee2d908d377222f1858992"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
x-amz-cf-id: yHBgI8KycnI_22VH0H9vj_cdJt5V_jD1jM3R-wsR8FpogA_T3arqyQ==

GET
H2 200 default.min.css
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/styles/ 775 B
1 KB 74ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/styles/default.min.css

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 9401179
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 271
last-modified: Mon, 04 May 2020 16:10:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7a-307"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ktn4H8TaOOKAsAD6Wgyqjog65l4CXExD%2BacnOsuTxD7qMpgdj1%2BIApMOmEdTYcpg6KHwSrUVEOAmJi%2BlsVJEGkuv9lZiSylsXWVfDg5dwr2WXks%2BlZXQOEYRBwMjW9SOznKwMeVPhHm69Iy0TeCTG3c"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756a6aa06d5fbb4d-FRA
expires: Wed, 27 Sep 2023 23:29:01 GMT

GET
H2 200 1f0bcbdf.app.css
static.leadshook.io/app/ 247 KB
57 KB 137ms
30ms Stylesheet
text/css 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/1f0bcbdf.app.css
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 807bf403ddd2ecc9a6f12b5922b739b6956b52643f557ffcf387a0c53226889e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:36:51 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 14:57:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 42731
etag: "25ae4f0b7e867a5785d1e1af4d0fc636"
x-cache: Hit from cloudfront
content-type: text/css; charset=utf-8
accept-ranges: bytes
content-length: 58045
x-amz-cf-id: tTtFqBdpYSNCI2CRLWCWgG7GbWjFlpBBKSFHZJU4iIbEAtplV8ziCw==

GET
H2 200 core.js Show response
www.amcharts.com/lib/4/ 1 MB
257 KB 100ms
43ms Script
application/x-javascript 2606:4700:20::681a:6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/4/core.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f68e2818a376ada1e4274d96f349b3e6eb3dc4eda66dcb51b859b84b92b6352

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37375
cf-polished: origSize=1055167
cf-bgj: minify
last-modified: Mon, 19 Sep 2022 08:43:09 GMT
server: cloudflare
etag: W/"1019bf-63282b9d-d86dbcd61b9e90dc;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EJx6oKXvLqLi5WjfgQ0dcfm%2BCeKavGryxQGlAQTY2ngd3BpFU9ZS7qZOAwMUrNO1V9Yu6uMDkmH7SCQ82de%2FVnlGEim%2F6hkCIoG94yp%2ByYYG84FYk%2BdV0nkkCkUNfkI%2BXI%2F6BcHTfC8O8beyTOU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 756a6aa079349279-FRA
expires: Fri, 14 Oct 2022 23:29:01 GMT

GET
H2 200 charts.js Show response
www.amcharts.com/lib/4/ 143 KB
30 KB 91ms
33ms Script
application/x-javascript 2606:4700:20::681a:6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/4/charts.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b06a47c4d73da15b24a0da54eef13ef53ce4547c6baa2abb64ce64122ce5ac25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37382
cf-polished: origSize=146989
cf-bgj: minify
last-modified: Mon, 19 Sep 2022 08:43:06 GMT
server: cloudflare
etag: W/"23e2d-63282b9a-9b0feb79a133cb77;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ElxbKtJ6hWa1YLJ4zQVEGYzIkUr1IlpbVUHj0SZgzhJnMSHNh2UU%2FELi5wzbY85KtpqLnji5zCQdgj34m4Nt5%2Bm2SZMZmXlVo65eSlvClROemNhTmNb5kHP2pJBf7ZhMAhsjh4DvarfMTncgoQU%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 756a6aa079369279-FRA
expires: Fri, 14 Oct 2022 23:29:01 GMT

GET
H2 200 animated.js Show response
www.amcharts.com/lib/4/themes/ 2 KB
1 KB 87ms
30ms Script
application/x-javascript 2606:4700:20::681a:6ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.amcharts.com/lib/4/themes/animated.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:6ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37382
cf-polished: origSize=2247
cf-bgj: minify
last-modified: Fri, 07 Feb 2020 13:29:36 GMT
server: cloudflare
etag: W/"8c7-5e3d6640-4811a5f5e1d7c804;gz"
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/x-javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WKd0Jd4HnV8Ic7kHO5sQ7ql9ZNwTc3XxV2%2BqggWs9a%2FgnDQEDwKjMBXy8QHhO3JfqZTvP1e4uq4L9xUsKUSDFAuzKkIeVzkFfEiuTu%2BdCRpvZ4BXdtTwgO1QFOf71KzsDCyNTBneRnz0XhwvIw4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
platform: hostinger
cf-ray: 756a6aa079379279-FRA
expires: Fri, 14 Oct 2022 23:29:01 GMT

GET
H/1.1 200
OK widget.js Show response
blitz-brands.user.com/ 149 KB
51 KB 180ms
73ms Script
application/javascript 51.91.31.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://blitz-brands.user.com/widget.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.91.31.155 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ns3151945.ip-51-91-31.eu
Software: nginx/1.19.4 /
Resource Hash: ed34b7cf47badd31666d6f91b4de19ab0abb60ac52d9bf01003f9ed6c6b67eb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: gzip
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: nginx/1.19.4
etag: W/"632808ec-25503"
transfer-encoding: chunked
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget3

GET
H2 200 beamer-embed.js Show response
app.getbeamer.com/js/ 84 KB
20 KB 90ms
33ms Script
application/javascript 2606:4700:20::681a:2ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.getbeamer.com/js/beamer-embed.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:2ba , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b94fc29afaf066c90b8161d4a244b9867bcd6409e8f487de8f480ff1cacda1d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 223
cf-polished: origSize=85845
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 07 Oct 2022 15:31:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tNlXiKze9wxNud8kHVRRIWGZvKKB7MY75KtrkpJ0JFsP0%2Beed7%2F7sv4a0LCQPdr76EdhqlPtxcNfA5GSTLApNq9nZ%2B54YiODiKyQ9Ur9XfUsUbRbMCJz1eAqSEJUXgZpCU%2Fj5iPzIAFNplWjnsd"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 756a6aa469d59c0d-FRA
expires: Sat, 08 Oct 2022 03:29:02 GMT

GET
H2 200 pollyfill.js Show response
polyfill.leadshook.io/ 101 B
540 B 124ms
61ms Script
application/javascript 99.86.4.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.leadshook.io/pollyfill.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.75 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-75.fra6.r.cloudfront.net

Software

CloudFront /

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-security-policy: default-src 'self'
via: 1.1 7ff386cc5735ee5d428e6d9e2fdc8b2c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
x-cache: LambdaGeneratedResponse from cloudfront
cache-control: max-age=31536000
feature-policy: camera 'none'; microphone 'none'; speaker 'none'
content-length: 101
x-amz-cf-id: coUy3DzXfts8iETdRON-3_I49bIDqj_3nZSCWdhooXblmRMpS1iZ6w==

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ 63 KB
23 KB 74ms
29ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4409581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 22890
last-modified: Sat, 25 Dec 2021 03:05:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61c68a7c-596a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vs9mEmLlcDE9mTjgRWuG71qVvY3bFzi%2FYIpBAASFTwI9zAvb%2FskFh7CbLmDZvyuXbpJs%2BrIKfEkwExyNqUVkp7r1GkmcIrOpdPl7WCmX0vf8zv3APqjIHXHJYPXE9xHoVPX6qAn6cLRdEioVEQl%2FBl9U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756a6aa06d60bb4d-FRA
expires: Wed, 27 Sep 2023 23:29:01 GMT

GET
H2 200 80cc3c9e.frontend_vendor.js Show response
static.leadshook.io/app/ 2 MB
633 KB 136ms
30ms Script
application/javascript 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/80cc3c9e.frontend_vendor.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a54e22a0aae25cbaf8a332e6ad6c574c313d734317426b2af1c3f6b5933b18b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 01:33:07 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 19:32:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 78980
etag: "3af304daf61ae4f3257b8240e6def942"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
accept-ranges: bytes
content-length: 647356
x-amz-cf-id: FHO-2WU4gB3S5AaO6-6fgfCgZK5EjH13_vGyPsN_ozOpF2Q6AIjCxw==

GET
H2 200 highlight.min.js Show response
cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/ 48 KB
18 KB 73ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/highlight.js/9.15.6/highlight.min.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6984dd52b9fa3b0d430e08792537376831a79e3bb8f32ff573cb357609183d0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3821897
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17617
last-modified: Mon, 04 May 2020 16:10:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e7a-bec0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sCsgvd6uKN1yKR6f75QanosY1LrSgYIC7jg4OKNFfreF7jhonvIdKn%2FLm6UOr%2Fd8qNodNrJwRG%2FHD1XJvd26Ff%2BAza79WiOflI7CkbclOaM3lmuw40ofSsMMOAklJuGljJ13CZXgD53RlLQIlmI5Cunz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756a6aa06d61bb4d-FRA
expires: Wed, 27 Sep 2023 23:29:01 GMT

GET
H2 200 435449c2.vendor.js Show response
static.leadshook.io/app/ 957 KB
285 KB 250ms
144ms Script
application/javascript 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/435449c2.vendor.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4374cb23d4b393291075dfebd501b03b0704547311d23812e3737bf91d0b6f3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 19:58:16 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Tue, 04 Oct 2022 19:32:15 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 12646
etag: W/"435449c24fae6a09426378e8f810e1a1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: xs4VM3EcpAy8OkHpkCHf161Htqw_9S5QYGaATYk36idGhP1Zy7eHWg==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/6.17.4/ 63 KB
20 KB 69ms
21ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.min.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
Origin: https://apply.taxfreshstartinitiative.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 2106443
etag: "456782718f10c0d95baf1a859662a1e9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 20491
expires: Wed, 13 Sep 2023 14:21:37 GMT

GET
H2 200 bundle.tracing.min.js Show response
browser.sentry-cdn.com/6.17.4/ 89 KB
28 KB 70ms
22ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
Origin: https://apply.taxfreshstartinitiative.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 1504420
etag: "d79feee5fcf01c4d7aae920cbcbc5c06"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 28623
expires: Wed, 20 Sep 2023 13:35:21 GMT

GET
H2 200 angular.min.js Show response
browser.sentry-cdn.com/6.17.4/ 4 KB
2 KB 92ms
44ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/6.17.4/angular.min.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
Origin: https://apply.taxfreshstartinitiative.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Wed, 02 Feb 2022 15:42:58 GMT
server: Fastly
age: 903993
etag: "88a049ef735409b4f4e297d1b058b3ab"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1770
expires: Wed, 27 Sep 2023 12:22:28 GMT

GET
H2 200 ckeditor.js Show response
cdn.ckeditor.com/4.16.0/full-all/ 727 KB
218 KB 259ms
172ms Script
application/javascript 205.234.175.175
CACHENETWORKS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ckeditor.com/4.16.0/full-all/ckeditor.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.234.175.175 Lovettsville, United States, ASN30081 (CACHENETWORKS, US),

Reverse DNS

vip1.G-anycast1.cachefly.net

Software

CFS 0215 /

Resource Hash

724b5f4c241ad87fdc5945eb8e3d617fff235bc2ad6cab258a5b2da6ffdf5360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
x-cf-tsc: 1665185342
x-content-type-options: nosniff
x-cf3: M
cf4ttl: 604800.000
content-encoding: gzip
x-cf1: 28810:fC.fra2:co:1663772073:cacheN.fra2-01:M
x-cf-reqid: 9e5d9413db317f8aac75340a20213b6b
x-xss-protection: 1; mode=block
x-cf2: M
last-modified: Tue, 26 Jan 2021 13:33:23 GMT
server: CFS 0215
x-cff: B
x-frame-options: sameorigin
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800, public
cf4age: 0
accept-ranges: bytes
expires: Fri, 14 Oct 2022 23:29:01 GMT

GET
H2 200 parser.min.js Show response
cdnjs.cloudflare.com/ajax/libs/fast-xml-parser/3.15.0/ 16 KB
5 KB 383ms
339ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/fast-xml-parser/3.15.0/parser.min.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

907ffe446b6382139ac05a8eb44154f5430954ab23f056fed39bcebcdf73015d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4965
last-modified: Mon, 04 May 2020 16:10:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e58-40ef"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeNT2svyQvjHU%2Bb2Vd%2FcjYpzyezYwQ0gnp36VY8s08JfTdhWJjTSWaBc7TqmwsCRtQA32%2BWZHg0xjH5rWjK6T7n6XxZPHwJ3OcFJQyDDWIZwBxQlUKX801q5RnN%2BdjR6yn92YfLcaBKTKOfnOjQzB4i5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756a6aa06d63bb4d-FRA
expires: Wed, 27 Sep 2023 23:29:01 GMT

GET
H2 200 9c70e14a.app.js Show response
static.leadshook.io/app/ 4 MB
471 KB 260ms
155ms Script
application/javascript 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadshook.io/app/9c70e14a.app.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9555148920f70c5d0e32cfe7141dff299caf609d82c91a36ddf04565e82768dc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 11:49:44 GMT
content-encoding: gzip
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Thu, 06 Oct 2022 14:58:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 41958
etag: W/"b42417697d2d30c5bdb81051145d102a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-cf-id: SLruTe8Y7_JYq3ftxJC8ubCAmvLVMg5GYBMgP5Q_adiFitHgy6j_sg==

GET
H2 200 form.js Show response
help.leadshook.com/assets/form/ 17 KB
17 KB 630ms
223ms Script
application/javascript 54.156.135.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://help.leadshook.com/assets/form/form.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.135.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-135-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 596c1f837665e46b78a7f0e38715a37ef6dff2ac9cb01c59da56bf5040332feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
last-modified: Thu, 04 Aug 2022 05:42:24 GMT
server: nginx
etag: "62eb5c40-42ba"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17082
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 241 KB
85 KB 91ms
40ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

af622d7c3f64a438fe5fc1dd9e39ddc461f179e8749137f3a18998515e9c5197

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 86742
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 Oct 2022 23:29:02 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 87ms
34ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,500,600,700&display=swap

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9f2556e4264118d0f45702575f35ca3ebdc6d7615d98b6e81a639e287cbfc3c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 23:29:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 23:29:01 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 33ms
33ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 184523
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFxXkPJ1hLDZBDBkf%2FK0DEYgt%2BR%2F0Xt7Mpq1SPR5JyXEfWLXAnAK5nEbfNGvO3%2FFlS2XpbTJK7qVyXmYYDveAv5NhVc89Q%2FzHwtxYT4v4nB9Au%2FolhevQUXgV5tLHQRRXVCQSn7oKn57tH8o9nSgLzVT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 756a6aa1ef32bb4d-FRA
expires: Wed, 27 Sep 2023 23:29:01 GMT

GET
H3 200 css2
fonts.googleapis.com/ 223 KB
7 KB 96ms
51ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

410e2ee58ae8ade92b8e2065a9b6c303a3dcdd2bf4ddc382cf61f6c4c6d94667

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 Oct 2022 23:29:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Oct 2022 23:29:02 GMT

GET
H2 200 widget-app.43c90553edce66e5e406.js Show response
widget.user.com/ 92 KB
18 KB 85ms
28ms Script
application/javascript 2606:4700:10::ac43:2592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-app.43c90553edce66e5e406.js
Requested by: Host: blitz-brands.user.com
URL: https://blitz-brands.user.com/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1b194fb2c0dc9fa1d0c7b4959da8d76abc79f7db35251e6953dfbbae7d7d05b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: cloudflare
age: 3655
etag: W/"632808ec-17079"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget1
cf-ray: 756a6aa668ad5b98-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 form.css
help.leadshook.com/assets/form/ 1 KB
1 KB 112ms
112ms Stylesheet
text/css 54.156.135.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://help.leadshook.com/assets/form/form.css
Requested by: Host: static.leadshook.io
URL: https://static.leadshook.io/app/80cc3c9e.frontend_vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.156.135.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-156-135-114.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1c3d711dc328e3084694c0707d195eb823279168cb507105f51ab7887a6e55ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
last-modified: Thu, 04 Aug 2022 05:42:24 GMT
server: nginx
etag: "62eb5c40-4b9"
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 1209
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 form_config Show response
help.leadshook.com/api/v1/ 14 KB
12 KB 445ms
216ms XHR
application/json 54.156.135.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://help.leadshook.com/api/v1/form_config

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.156.135.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-156-135-114.compute-1.amazonaws.com

Software

nginx /

Resource Hash

cbbf5adf5e1b2658e8d3679197d00f1a9e903bf9a67b283376145cefe16fef00

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self' https://help.leadshook.com; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-f3n1PXEttnq3uNrZb6AI7A=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://apply.taxfreshstartinitiative.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-security-policy: base-uri 'self' https://help.leadshook.com; default-src 'self' ws: wss: https://images.zammad.com; font-src 'self' data:; img-src * data:; object-src 'none'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-f3n1PXEttnq3uNrZb6AI7A=='; style-src 'self' 'unsafe-inline'; frame-src www.youtube.com player.vimeo.com
x-content-type-options: nosniff
content-encoding: gzip
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
x-request-id: 1be4d906-1928-44bb-badd-a9ba839ff1ff
pragma: no-cache
x-runtime: 0.029512
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: W/"cbbf5adf5e1b2658e8d3679197d00f1a"
x-download-options: noopen
x-frame-options: SAMEORIGIN
vary: Accept
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: POST, GET, PUT, DELETE, PATCH, OPTIONS
access-control-max-age: 1728000
csrf-token: NdpriA0j3UvBl0fTNCnLEBE3iseq67K4xBvyKNrKWNgYbnTvEjYKQS-Nr6JuRxI8HNSnbpe3mynw9zYqm6L5Nw
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-headers: Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control, Accept-Language
expires: -1

GET
H2 200 f0620219.login-img.png
static.leadshook.io/assets/images/ 120 KB
121 KB 30ms
29ms Image
image/png 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/assets/images/f0620219.login-img.png
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cc9dc21f983c2de7e3fe2723bbd25a547b831591f43603c7532b28b5960e2e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 09:14:33 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Sun, 18 Aug 2019 22:31:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 310469
etag: "90b665a8e3760d7b6f7a5f6908f04d25"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 123024
x-amz-cf-id: nxSbRbwmWajGjG-0ZUwCGuUV-LZSScpIyLClxWopWkzhAuBmm9olbw==

GET
H2 200 56f2db52.leadshook-logo-notagline.png
static.leadshook.io/assets/images/ 14 KB
14 KB 31ms
31ms Image
image/png 65.9.66.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.leadshook.io/assets/images/56f2db52.leadshook-logo-notagline.png
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-107.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d8a9932951cc9de2f43c5f4d6efe1d12bc3f6867932d62645933845029c2f9c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Tue, 04 Oct 2022 01:12:48 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
last-modified: Sun, 18 Aug 2019 22:31:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 339375
etag: "1ecaba5d958124671b18ee8c99dbd787"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 14052
x-amz-cf-id: vT3qNkktLupN3m-lAtVeqfQ5iwkmgTw76ZdxATfqozsH3jWJwJ9NpA==

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 82ms
27ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,500,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://apply.taxfreshstartinitiative.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Wed, 05 Oct 2022 08:45:06 GMT
x-content-type-options: nosniff
age: 225836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 08:45:06 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 07 Oct 2022 23:15:57 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 785
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sat, 08 Oct 2022 01:15:57 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 99ms
24ms Script
application/x-javascript 2a02:26f0:3500:16::215:149b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:149b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 20:23:36 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=44629
accept-ranges: bytes
content-length: 3063

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 54 KB
17 KB 104ms
23ms Script
text/javascript 2600:9000:206f:7000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36b8ba6d8daab27f21a23b6f0deb326d45c7ffa2ca328f7149e0022297101006

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: BoYN70bwO4jmpUvp4IBqP7NBSb_YQqPb
Content-Encoding: gzip
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
Date: Fri, 07 Oct 2022 22:53:05 GMT
Age: 2158
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 06 Oct 2022 17:51:49 GMT
Server: AmazonS3
Etag: W/"4d72aaf67e0afed0a192e314091617b3"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: y-viFZHrl7HBo6LiqPC4EGjWkgjU6UMik42t2vFh5ttkTzvF7qDG5w==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
15 KB 128ms
45ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15192
x-xss-protection: 0
server: cafe
etag: 699633608045481581
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 07 Oct 2022 23:29:02 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 26 KB
10 KB 131ms
20ms Script
application/javascript 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: gzip
etag: "+b0B6ncQDCugPb96DWf2QA=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 14 Oct 2022 23:29:02 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 129ms
52ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 07 Oct 2022 23:29:01 GMT
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F2C980D34F6D4B528763A120A3C68DD9 Ref B: FRA31EDGE0219 Ref C: 2022-10-07T23:29:02Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 11376

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 102ms
25ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 15:04:19 GMT
etag: "d4de8398858246712016031c834bb061+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15317
x-served-by: cache-iad-kjyo7100153-IAD, cache-hhn11565-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 90ms
27ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Oct 2022 23:29:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26840
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GdRaz1497wGZhENQFmk9kjtZ+mKih7kWXisnA3H08eI3A6HEGS5svLo7ZASFSOZ0faT+eAoOm5Fmdfke9z0TBA==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 1127703.js Show response
tag.getdrip.com/ 90 KB
30 KB 520ms
418ms Script
application/javascript 99.86.4.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.getdrip.com/1127703.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-11.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6ce5476fefaffbc83ef38fb38dce59f073a0586960f15796b778347755a69cbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:04 GMT
content-encoding: gzip
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
last-modified: Fri, 07 Oct 2022 23:11:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"ce1dc9a5eccacc6adb57d56d18419a5f"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
x-amz-cf-id: LKacXfJWEzmojsIc2fGNhbQEVdtdThxe3Bn8cM02XGAtqG_iElHxvw==

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
1 KB 99ms
22ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
x-cdn: fastly
etag: "ef33a337cb7aa4b4f9c294765d2176c0"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=7200
fastly-restarts: 1
content-length: 1146

GET
H2 200 scevent.min.js Show response
sc-static.net/ 25 KB
9 KB 108ms
38ms Script
application/javascript 18.66.120.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.120.247 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-120-247.fra60.r.cloudfront.net
Software: CloudFront /
Resource Hash: 67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: gzip
via: 1.1 d20f19c14113bb86116d01e6cb4e2844.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P2
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 8764
x-amz-cf-id: mYvD-VG47m_J8L3sMXJ8tvxl0GpzHgAmLc-FWcbFl4HliXCml3rO5w==

GET
H2 200 matomo.js Show response
cdn.matomo.cloud/lhcom.matomo.cloud/ 130 KB
39 KB 94ms
33ms Script
application/javascript 2600:9000:223f:8600:c:7d55:b3c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.matomo.cloud/lhcom.matomo.cloud/matomo.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:8600:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 65b0acb6696448a75af5d79f3b6d2facc8e1293f15ea7ef1aa021eb2e1f4c1a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 20:33:11 GMT
x-amz-version-id: Wx80yL0fjegwsoaSAvRd_7lz23yjfYAH
content-encoding: gzip
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10552
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 27 Sep 2022 00:00:38 GMT
server: AmazonS3
etag: W/"d83657630525938172fdbbe7bfb61da3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=691200
x-amz-cf-id: IXcJZ0e242hY49xJUeWCiudHWzLbXRFAFMXL98JvC433jaAEk52j0Q==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
73 KB 92ms
43ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y2MD7KEREM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KSQMRC7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d48bcd74ced29bf10f8a9398f1d054f2f92689dd3cddc8d813191ae2d7b2e8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74787
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 07 Oct 2022 23:29:02 GMT

GET
H3 200 widget-actionsStore.43c90553edce66e5e406.js Show response
widget.user.com/ 5 KB
2 KB 62ms
34ms Script
application/javascript 2606:4700:10::ac43:2592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-actionsStore.43c90553edce66e5e406.js
Requested by: Host: blitz-brands.user.com
URL: https://blitz-brands.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: cloudflare
age: 6283
etag: W/"632808ec-1469"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget2
cf-ray: 756a6aa75dc0920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200
OK / Show response
blitz-brands.user.com/api/v2/user-chatping/ 3 KB
4 KB 150ms
149ms Fetch
application/json 51.91.31.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://blitz-brands.user.com/api/v2/user-chatping/

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.91.31.155 Paris, France, ASN16276 (OVH, FR),

Reverse DNS

ns3151945.ip-51-91-31.eu

Software

Resource Hash

c80692c2b985f79aac7e9564952e2f0a1968e88d6cf488e71ca18e85172764ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/json

Response headers

x-content-type-options: nosniff
referrer-policy: same-origin
vary: Cookie, Origin
allow: POST, OPTIONS
content-type: application/json
x-frame-options: DENY
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
ue-backend: tenants
access-control-allow-credentials: true
ue-node: apinode22
content-length: 3499

OPTIONS
H/1.1 200
OK /
blitz-brands.user.com/api/v2/user-chatping/ Frame 0
0 167ms
54ms Preflight
text/html 51.91.31.155
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://blitz-brands.user.com/api/v2/user-chatping/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.91.31.155 Paris, France, ASN16276 (OVH, FR),
Reverse DNS: ns3151945.ip-51-91-31.eu
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://apply.taxfreshstartinitiative.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with, set-cookie, clientuser-key, convo-id
access-control-allow-methods: DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
access-control-max-age: 86400
content-length: 0
content-type: text/html; charset=utf-8
ue-backend: tenants
ue-node: apinode23
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
454 B 101ms
30ms XHR
text/plain 2a00:1450:400c:c08::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-75159424-3&cid=121549769.1665185343&jid=1484246797&gjid=489904018&_gid=1475703816.1665185343&_u=YGBAiEABBAAAAEABI~&z=1081715978

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 07 Oct 2022 23:29:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 75ms
25ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=229021627&t=pageview&_s=1&dl=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&dr=&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABBAAAAAABI~&jid=1484246797&gjid=489904018&cid=121549769.1665185343&tid=UA-75159424-3&_gid=1475703816.1665185343&gtm=2wga50KSQMRC7&z=277984073

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 21:17:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7918
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 74ms
25ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=229021627&t=pageview&_s=1&dl=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&dr=&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAAEABI~&jid=&gjid=&cid=121549769.1665185343&tid=UA-75159424-3&_gid=1475703816.1665185343&gtm=2wga50KSQMRC7&z=1154489329

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 21:17:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7918
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D234948%26time%3D1665185342686%26url%3Dhttps%253A%252F%252Fapply.taxfreshstartinit...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&liSync=true&e_ipv6=AQJPm5dz_7kg8AAAAYO0x-ZhKvbYS0rEmJNUQ1Lc...

0
480 B

217ms
121ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&liSync=true&e_ipv6=AQJPm5dz_7kg8AAAAYO0x-ZhKvbYS0rEmJNUQ1LcCd0Mm7cfmA_E8GPiMw9vAIWFGwGvxTNCBwvK
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: CF9EDE3E6BDA43E9992F17129FAB0576 Ref B: FRAEDGE1107 Ref C: 2022-10-07T23:29:03Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
content-type: application/javascript
x-li-fabric: prod-lva1
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqeizfHlHKh3TfaIsdLg==

Redirect headers

date: Fri, 07 Oct 2022 23:29:02 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 10D2F59E5D8D488FA480C0D37E011A5F Ref B: FRAEDGE1511 Ref C: 2022-10-07T23:29:03Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=234948&time=1665185342686&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&liSync=true&e_ipv6=AQJPm5dz_7kg8AAAAYO0x-ZhKvbYS0rEmJNUQ1LcCd0Mm7cfmA_E8GPiMw9vAIWFGwGvxTNCBwvK
x-cache: CONFIG_NOCACHE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXqeizby2O4ORnmBD1cPA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/2C3ORQAMZFDTZFOJQIRR3E/index.js
https://s.adroll.com/j/exp/index.js

28 B
785 B

45ms
24ms

Script
application/javascript

2600:9000:206f:7000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login
Protocol: HTTP/1.1
Server: 2600:9000:206f:7000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: VS8aSrwndm.MeiNnyJ10ruHH56v74CIF
Date: Fri, 07 Oct 2022 04:56:05 GMT
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
Age: 66792
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Fri, 02 Sep 2022 17:25:28 GMT
Server: AmazonS3
Etag: "5816cced8568d223aa09d889f300692b"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: VGTQ8lg3VjUjNf-G2Rw5PHPZBTzRwpFSMW34FPcq6rv7gNDHFbyf7g==

Redirect headers

Date: Fri, 07 Oct 2022 09:44:08 GMT
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
Age: 49494
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2PNGtsSW6G0vtwpMSjyBFOIFJ42ZxLhVVtXFVJ_fD2VIVfauuhMKqA==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
756 B

22ms
22ms

Script
application/javascript

2600:9000:206f:7000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login
Protocol: HTTP/1.1
Server: 2600:9000:206f:7000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Date: Fri, 07 Oct 2022 02:43:06 GMT
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
Age: 74759
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: c5ENZOQBXfMtaVv-wB3HN1BKXpVNOfJWCJd-XA86_NBZpVQd4IwT-Q==

Redirect headers

Date: Fri, 07 Oct 2022 08:17:28 GMT
Via: 1.1 36d9e1bd4f00d39c57a56679dc44e264.cloudfront.net (CloudFront)
Age: 54693
X-Amz-Cf-Pop: FRA56-C1
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: r8bxfnlPUQSeVjsD7Alnxx2-LCIiTzbd3z3aWBqp0kY20N-YduJZsw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/ 0
809 B 71ms
27ms Script
text/javascript 2600:9000:206f:7000:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/2C3ORQAMZFDTZFOJQIRR3E/HAZU6ALDTZAMBI43TRRXCZ/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7000:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

X-Amz-Version-Id: RTpf5s123eZTItGNdXchw0Nbn0GYLGRG
Date: Fri, 07 Oct 2022 23:29:02 GMT
Via: 1.1 4874e0c922f34c928345f4c183ea11b4.cloudfront.net (CloudFront)
Age: 3065
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 28 Sep 2022 02:20:13 GMT
Server: AmazonS3
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Access-Control-Max-Age: 600
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: J-k5d7zvkaQPMn0Vj86K-J9UQdyHlSWE6BkunKBg4FkWBwXloOMwTg==

GET
H2 200 adsct
t.co/i/ 43 B
376 B 181ms
126ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=82a0dfff-fe7b-4107-844b-f7b212431656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ad987b0f-1aa7-4811-80e3-d643b64ffa58&tw_document_href=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzjib&type=javascript&version=2.3.27

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 07 Oct 2022 23:29:02 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6390ac525038d147
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 90db7cbcaee245ccc89189329b5411287ff62ade0b4b731a1e5f65236be78156
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 195ms
122ms Image
image/gif 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=82a0dfff-fe7b-4107-844b-f7b212431656&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=ad987b0f-1aa7-4811-80e3-d643b64ffa58&tw_document_href=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nzjib&type=javascript&version=2.3.27

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

x-response-time: 102
date: Fri, 07 Oct 2022 23:29:01 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: da758098edf6e834
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 171555fa80f6fd39a08cba9f3033862aa015e3b34c6606938abe71b8a7f5deff
content-length: 43

GET
H3 200 121729511775350 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 107ms
80ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/121729511775350?v=2.9.84&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8252c21268e8ad2d95133f4ec25dfa99beef3ed6fdb2eb9df341741ed2f91a0a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Oct 2022 23:29:02 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Cio0uK5jZ6tfqTO+vIImkrkmmILFr1zs7uccHj8GM/DZsSStZQ9swraG8YuLI0As4pYpftyNjH6q0WpXDZjGcg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.3a217bc7.js Show response
s.pinimg.com/ct/lib/ 55 KB
19 KB 24ms
23ms Script
application/javascript 2a04:4e42:62::84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:62::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: gzip
x-cdn: fastly
etag: "e07e047bcf076284d8d2680e8f0c262c"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
vary: Accept-Encoding, Origin
cache-control: max-age=1209600
fastly-restarts: 1
content-length: 19398

POST
H2 204 collect
region1.google-analytics.com/g/ 0
359 B 94ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y2MD7KEREM&gtm=2oea50&_p=229021627&cid=121549769.1665185343&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665185342&sct=1&seg=0&dl=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&dt=&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y2MD7KEREM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:02 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-867694671/ 2 KB
2 KB 104ms
35ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-867694671/?random=1665185342750&cv=9&fst=1665185342750&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&auid=868414903.1665185343&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09c86771f76b9e0b746b53abd05bb36ae2e707d5b7d44881baf09f39e50873c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1007
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 26008299.js Show response
bat.bing.com/p/action/ 1 KB
844 B 120ms
119ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/26008299.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

51510eebe8a74d642709bbf7dd934586a142489105cfcfbd38c8ed9bef9819d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 07 Oct 2022 23:29:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B5C00658A3564BA8B2576E6000DBDC06 Ref B: FRA31EDGE0219 Ref C: 2022-10-07T23:29:02Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 667

GET
H2 204 0
bat.bing.com/action/ 0
177 B 47ms
46ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=26008299&tm=gtm002&Ver=2&mid=7c1a9411-6476-4b1a-937f-0f44386b171f&sid=d3e9fd80469711edbe3047c13ba3a9c6&vid=d3ea2a50469711ed87f3d3fdc8ea49ac&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&r=&lt=1526&evt=pageLoad&sv=1&rn=219788

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 07 Oct 2022 23:29:01 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F00FBEBA4CFD4A53BAF9DCBE6878D981 Ref B: FRA31EDGE0219 Ref C: 2022-10-07T23:29:02Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-pP9taKm6sy_8n.js Show response
rules.quantcount.com/ 209 B
687 B 493ms
440ms Script
application/javascript 2600:9000:223c:a600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-pP9taKm6sy_8n.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b059eed69c80f1b3140756cbf74008f01592ebdba3347383355d1c720e97f3f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:04 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 209
last-modified: Sat, 27 Aug 2022 19:04:36 GMT
server: AmazonS3
etag: "075004bf61e0c591a610aac49a857f0b"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Nc3x4-d-OjbVqkWmpeGIBDh5d5Ja41Z3lSpyE3-o76qQj9HoBFyFVw==

GET
H2 200 rules-p-4jbkCsV72asN8.js Show response
rules.quantcount.com/ 271 B
750 B 486ms
433ms Script
application/javascript 2600:9000:223c:a600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-4jbkCsV72asN8.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:a600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8001f30a6865a4d0a174642d213599964b0d21493404c833f36871da0c978d87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:04 GMT
via: 1.1 985c0b2ec44bdebc7f24f26d1e427d30.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 271
last-modified: Sat, 27 Aug 2022 03:06:44 GMT
server: AmazonS3
etag: "c920bab51ce78e7032afbd7f90f327e2"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: FP7RSovvSusVH7AQzQ47cAP5GCtQmlCmShSPWPaTEOBqs2NxB7jf9A==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 82ms
32ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-75159424-3&cid=121549769.1665185343&jid=1484246797&_u=YGBAiEABBAAAAEABI~&z=910276822

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 87ms
31ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-75159424-3&cid=121549769.1665185343&jid=1484246797&_u=YGBAiEABBAAAAEABI~&z=910276822

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 539 B
872 B 385ms
56ms XHR
application/json 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2619172455801&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1665185342793

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
x-cdn: akamai
akamai-grn: 0.946656b8.1665185343.2bb9751
x-envoy-upstream-service-time: 3
content-length: 377
x-pinterest-rid: 1349264030186815
pin-unauth: dWlkPVkySmhObVEyTmpndE1HWmxOQzAwWTJKakxXSmxNRGN0TVRRNU16Sm1OakZrTldZNQ
pragma: no-cache
referrer-policy: origin
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 matomo.php
lhcom.matomo.cloud/ 0
187 B 149ms
82ms Ping
text/plain 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcom.matomo.cloud/matomo.php?action_name=apply.taxfreshstartinitiative.com%2F&idsite=1&rec=1&r=070735&h=23&m=29&s=2&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&_id=1998a22b53cc7a5d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=QcbOm3&fa_pv=1&fa_fp[0][fa_vid]=TijUcQ&fa_fp[0][fa_name]=loginForm&fa_fp[0][fa_fv]=1&fa_fp[1][fa_vid]=ySJmNt&fa_fp[1][fa_name]=mfaForm&fa_fp[1][fa_fv]=1&fa_fp[2][fa_vid]=Xmqgg5&fa_fp[2][fa_name]=resetPasswordForm&fa_fp[2][fa_fv]=1&pf_net=350&pf_srv=112&pf_tfr=1&pf_dm1=947
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/lhcom.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://apply.taxfreshstartinitiative.com
date: Fri, 07 Oct 2022 23:29:03 GMT
access-control-allow-credentials: true
server: Apache
vary: Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
334 B 347ms
66ms Image
image/gif 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2619172455801&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%223a217bc7%22%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1665185342809

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:03 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.946656b8.1665185343.2bb9755
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1308727432258134
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2C3ORQAMZFDTZFOJQIRR3E Show response
d.adroll.com/consent/check/ 462 B
555 B 175ms
44ms Script
application/javascript 34.240.197.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/2C3ORQAMZFDTZFOJQIRR3E?arrfrr=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&_s=155ee9d1c4fac8eccae81e19b6399d2e&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.240.197.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-240-197-120.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 535fa419a9ffd8d70d75ab6abe1cb32187388f3c9097267cd944966f4b627fdf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:03 GMT
server: nginx/1.20.0
content-length: 462
content-type: application/javascript

GET
H2 200 init Show response
tr.snapchat.com/ 126 B
520 B 110ms
32ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/init?pids=b43abd65-34a6-4097-a92e-d0f488acd807

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

5dd7be681380468c0eb783f46594c212474e1fad63d78b6f3805b7a958f1783b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 79 B
165 B 110ms
32ms Fetch
application/json 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=b43abd65-34a6-4097-a92e-d0f488acd807&tld=com

Requested by

Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

20c0aa8d108074d8d1178d34ecee2013427d57193ac588863a563109044d1809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 google
server: API Gateway
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
x-envoy-upstream-service-time: 0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 36A4 0
294 B 90ms
33ms Document
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=b43abd65-34a6-4097-a92e-d0f488acd807&u_scsid=21a88bae-f5b0-4717-8d22-802b3a4fa4f6&u_sclid=a0c3856e-14b1-48cf-9336-20e0998e67bf

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Fri, 07 Oct 2022 23:29:02 GMT
server: API Gateway
strict-transport-security: max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via: 1.1 google
x-envoy-upstream-service-time: 0

POST
H2 200 p
tr.snapchat.com/ 68 B
355 B 60ms
40ms Ping
text/html 35.190.43.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/p

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

134.43.190.35.bc.googleusercontent.com

Software

API Gateway /

Resource Hash

370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHzCN250bQo4jqGCT

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via: 1.1 google
server: API Gateway
content-type: text/html
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
cache-control: no-cache, no-transform
x-envoy-upstream-service-time: 6
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-867694671/ 42 B
154 B 34ms
33ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-867694671/?random=1665185342750&cv=9&fst=1665183600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&async=1&fmt=3&is_vtc=1&random=2205371726&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-867694671/ 42 B
154 B 33ms
32ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-867694671/?random=1665185342750&cv=9&fst=1665183600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wga50&sendb=1&frm=0&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&async=1&fmt=3&is_vtc=1&random=2205371726&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:02 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
204 B 86ms
22ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=121729511775350&ev=PageView&dl=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&rl=&if=false&ts=1665185342875&sw=1600&sh=1200&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665185342874.1334483919&it=1665185342707&coo=false&rqm=GET

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Oct 2022 23:29:02 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 26008299 Show response
www.clarity.ms/tag/uet/ 1 KB
2 KB 220ms
120ms Script
application/x-javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/26008299
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/26008299.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: ca004dad8a06a469ea2662a9743cacb66e9e41ea4c2583e5cdf317e7e767e03d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

content-type: application/x-javascript
date: Fri, 07 Oct 2022 23:29:02 GMT
cache-control: no-cache, no-store
expires: -1
x-azure-ref: 0P7ZAYwAAAABTZNXZ6wW1RJH5GwO1AQWGQlJVMzBFREdFMDQxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H3 200 widget-chatStore.43c90553edce66e5e406.js Show response
widget.user.com/ 12 KB
4 KB 27ms
27ms Script
application/javascript 2606:4700:10::ac43:2592
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.user.com/widget-chatStore.43c90553edce66e5e406.js
Requested by: Host: blitz-brands.user.com
URL: https://blitz-brands.user.com/widget.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::ac43:2592 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 19 Sep 2022 06:15:08 GMT
server: cloudflare
age: 3158
etag: W/"632808ec-30cd"
vary: Accept-Encoding
content-type: application/javascript
ue-backend: widget
ue-node: widget2
cf-ray: 756a6aa92f02920b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 clarity.js Show response
www.clarity.ms/eus-c/s/0.6.42/ 53 KB
23 KB 116ms
115ms Script
application/javascript 2620:1ec:46::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus-c/s/0.6.42/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/26008299
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::45 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:02 GMT
content-encoding: br
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
etag: "1d8d8e58fdaa9d4"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
x-azure-ref: 0P7ZAYwAAAABzuqh5CQdATKa+r8cHvVHgQlJVMzBFREdFMDQxMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 visit Show response
api.getdrip.com/client/events/ 84 B
1 KB 386ms
332ms Script
text/javascript 65.9.66.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/events/visit?drip_account_id=1127703&referrer=&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&domain=apply.taxfreshstartinitiative.com&time_zone=UTC&enable_third_party_cookies=t&callback=Drip_371229552

Requested by

Host: tag.getdrip.com
URL: https://tag.getdrip.com/1127703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-6.fra56.r.cloudfront.net

Software

Resource Hash

af65dc0760437b9b5aaba3524f1ddf5daed4ad5aac7f37992c254d08b015cbc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 84
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: edd23c52-4fcb-4c83-b29e-653dd4d1bea2
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: ZqFp-GGqoAMF_yA=
content-length: 84
x-xss-protection: 1; mode=block
x-request-id: 6ccae234-9042-4ca4-9072-6955eb8f1b07
x-runtime: 0.031610
referrer-policy: strict-origin-when-cross-origin
etag: W/"af65dc0760437b9b5aaba3524f1ddf5d"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Fri, 07 Oct 2022 23:29:03 GMT
x-amz-cf-id: D0J_rc3uYUbJIMcJeIB1tlWUObGaq-CAbxfZX2RPqkdB6xlpPp26iQ==

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
549 B 88ms
21ms Image
image/gif 2600:9000:214f:3400:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=1985436638;fpan=1;fpa=P0-201334188-1665185343316;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=taxfreshstartinitiative.com;dst=0;et=1665185343316;tzo=0;url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin;ogl=

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3400:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 02:01:57 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 77227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: I903Q9pZJdgvy01sAifl_Tl5C0NrY8ox-hs_wpkX-OgrlNz3MzpNmg==

GET
H2 200 pixel
pxl.qccerttest.com/ 35 B
549 B 88ms
21ms Image
image/gif 2600:9000:214f:3400:11:615:7240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pxl.qccerttest.com/pixel?r=1438623071;fpan=0;fpa=P0-201334188-1665185343316;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=taxfreshstartinitiative.com;dst=0;et=1665185343319;tzo=0;url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin;ogl=

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:214f:3400:11:615:7240:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 02:01:57 GMT
via: 1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA53-C1
age: 77227
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 35
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 04 Aug 2022 16:01:04 GMT
server: AmazonS3
etag: "55d25e9dc950d5db4d53a3b195c046c6"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/gif
accept-ranges: bytes
x-amz-cf-id: gjpFhQit74_Coo51uESwAIqMBR_lMiwQvYRviGgnYzkPaD39_OrmHQ==

GET
H2 200 pixel;r=301017232;source=gtm;rf=0;a=p-pP9taKm6sy_8n;url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin;uht=2;fpan=0;fpa=P0-201334188-1665185343316;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929...
pixel.quantserve.com/ 35 B
372 B 36ms
21ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=301017232;source=gtm;rf=0;a=p-pP9taKm6sy_8n;url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin;uht=2;fpan=0;fpa=P0-201334188-1665185343316;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=taxfreshstartinitiative.com;dst=0;et=1665185343320;tzo=0;ogl=;ses=b621f8a3-53d1-4404-9f3e-ce7b84ea303d

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel;r=1634890570;labels=_fp.event.Default;rf=0;a=p-4jbkCsV72asN8;url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin;uht=2;fpan=0;fpa=P0-201334188-1665185343316;pbc=;ns=0;ce=1;qjs=1;qv=39...
pixel.quantserve.com/ 35 B
372 B 37ms
22ms Image
image/gif 2620:116:800d:21:e365:4988:e8a7:3270
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1634890570;labels=_fp.event.Default;rf=0;a=p-4jbkCsV72asN8;url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin;uht=2;fpan=0;fpa=P0-201334188-1665185343316;pbc=;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=taxfreshstartinitiative.com;dst=0;et=1665185343321;tzo=0;ogl=;ses=b621f8a3-53d1-4404-9f3e-ce7b84ea303d

Requested by

Host: apply.taxfreshstartinitiative.com
URL: https://apply.taxfreshstartinitiative.com/login

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 204 collect Show response
h.clarity.ms/ 0
171 B 582ms
216ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://apply.taxfreshstartinitiative.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://apply.taxfreshstartinitiative.com
date: Fri, 07 Oct 2022 23:29:02 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

GET
H2 200 track Show response
api.getdrip.com/client/ 101 B
853 B 330ms
329ms Script
text/javascript 65.9.66.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/track?url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&visitor_uuid=2d0b740639cf4db6881d8ebdbb3a542c&_action=Started%20a%20new%20session&source=drip&drip_account_id=1127703&callback=Drip_755719796

Requested by

Host: tag.getdrip.com
URL: https://tag.getdrip.com/1127703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-6.fra56.r.cloudfront.net

Software

Resource Hash

78b528010803720fa52f0f93451df668e25142cd83a38917fbf525069a281b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:03 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 101
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 18ea36a6-4882-4e4a-a6f2-bea9402a4ad1
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: ZqFqBH4QoAMF9yA=
content-length: 101
x-xss-protection: 1; mode=block
x-request-id: 110835ca-7a36-4e2c-be33-924c5cdcf090
x-runtime: 0.024752
referrer-policy: strict-origin-when-cross-origin
etag: W/"78b528010803720fa52f0f93451df668"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Fri, 07 Oct 2022 23:29:03 GMT
x-amz-cf-id: aDhEtEPUo5q0Ypm72xWpMMbPY2bE4RdWcScfLjbpMRoe8wkXye4aXw==

GET
H2 200 track Show response
api.getdrip.com/client/ 101 B
855 B 372ms
372ms Script
text/javascript 65.9.66.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.getdrip.com/client/track?url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&visitor_uuid=2d0b740639cf4db6881d8ebdbb3a542c&_action=Visited%20a%20page&source=drip&drip_account_id=1127703&callback=Drip_640259144

Requested by

Host: tag.getdrip.com
URL: https://tag.getdrip.com/1127703.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-6.fra56.r.cloudfront.net

Software

Resource Hash

7058c7c6020497ce2de5436040f2e53b15e09c01a333b7a6074d96e8ffd7e29e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

date: Fri, 07 Oct 2022 23:29:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amzn-remapped-content-length: 101
x-amzn-remapped-server: nginx
x-permitted-cross-domain-policies: none
via: 1.1 95e0c26862caa0a0aa5e9580919524f8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 1a054242-521b-4467-a41a-b6f8c0fbefcc
x-amzn-remapped-connection: keep-alive
x-cache: Miss from cloudfront
x-amz-apigw-id: ZqFqBH4foAMF8OQ=
content-length: 101
x-xss-protection: 1; mode=block
x-request-id: 20155569-4235-4b54-9821-8188b8601c7e
x-runtime: 0.068108
referrer-policy: strict-origin-when-cross-origin
etag: W/"7058c7c6020497ce2de5436040f2e53b"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate
x-amzn-remapped-date: Fri, 07 Oct 2022 23:29:04 GMT
x-amz-cf-id: cFqb0LcFyYfcA2TqM8OhrxaPSdGvP_aHXwcd5yRXzxDErlfUCI5isw==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=916F9D2696BC4CF9A267A8177CB6E978&RedC=c.clarity.ms&MXFR=1745B6A42F9360011684A4922B936EF4
https://c.clarity.ms/c.gif?CtsSyncId=916F9D2696BC4CF9A267A8177CB6E978&MUID=1AACCCC72EED656B0A7DDEF12F666491

42 B
369 B

41ms
41ms

Image
image/gif

20.234.93.27
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=916F9D2696BC4CF9A267A8177CB6E978&MUID=1AACCCC72EED656B0A7DDEF12F666491
Protocol: H2
Server: 20.234.93.27 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:03 GMT
last-modified: Tue, 13 Sep 2022 19:54:52 GMT
server: Microsoft-IIS/10.0
etag: "8d3298b0aac7d81:0"
x-powered-by: ASP.NET
content-type: image/gif
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:03 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: EEF3C473E53D4D199E26406970DA7DFF Ref B: FRA31EDGE0219 Ref C: 2022-10-07T23:29:04Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=916F9D2696BC4CF9A267A8177CB6E978&MUID=1AACCCC72EED656B0A7DDEF12F666491
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 ct.html Show response
ct.pinterest.com/ Frame C27D 565 B
591 B 50ms
50ms Document
text/html 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.3a217bc7.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

akamai-grn: 0.946656b8.1665185344.2bb99b6
cache-control: max-age=86400
content-encoding: gzip
content-length: 323
content-type: text/html; charset=utf-8
date: Fri, 07 Oct 2022 23:29:04 GMT
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
vary: Accept-Encoding
x-cdn: akamai
x-envoy-upstream-service-time: 1
x-pinterest-rid: 7028851570308667

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 47ms
22ms Image
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=121729511775350&ev=Microdata&dl=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&rl=&if=false&ts=1665185344380&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.84&r=stable&ec=1&o=30&fbp=fb.1.1665185342874.1334483919&it=1665185342707&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Oct 2022 23:29:04 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 204 collect Show response
h.clarity.ms/ 0
48 B 106ms
106ms XHR
text/plain 52.224.31.34
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://h.clarity.ms/collect
Requested by: Host: browser.sentry-cdn.com
URL: https://browser.sentry-cdn.com/6.17.4/bundle.tracing.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.224.31.34 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://apply.taxfreshstartinitiative.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

access-control-allow-origin: https://apply.taxfreshstartinitiative.com
date: Fri, 07 Oct 2022 23:29:04 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8

POST
H2 204 matomo.php
lhcom.matomo.cloud/ 0
186 B 40ms
39ms Ping
text/plain 18.157.122.248
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lhcom.matomo.cloud/matomo.php?fa_vid=vhlmo5&fa_fv=1&ca=1&idsite=1&rec=1&r=342562&h=23&m=29&s=4&url=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&_id=1998a22b53cc7a5d&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=QcbOm3
Requested by: Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/lhcom.matomo.cloud/matomo.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.122.248 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-157-122-248.eu-central-1.compute.amazonaws.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://apply.taxfreshstartinitiative.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin: https://apply.taxfreshstartinitiative.com
date: Fri, 07 Oct 2022 23:29:06 GMT
access-control-allow-credentials: true
server: Apache
vary: Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 73ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Y2MD7KEREM&gtm=2oea50&_p=229021627&cid=121549769.1665185343&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1665185342&sct=1&seg=0&dl=https%3A%2F%2Fapply.taxfreshstartinitiative.com%2Flogin&dt=&en=scroll&epn.percent_scrolled=90&_et=11
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y2MD7KEREM&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://apply.taxfreshstartinitiative.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.91 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 Oct 2022 23:29:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://apply.taxfreshstartinitiative.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-20 06:34:31	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
.taxfreshstartinitiative.com/	1970-01-20 08:42:41	Name: _gcl_au Value: 1.1.868414903.1665185343
.taxfreshstartinitiative.com/	1970-01-20 06:34:31	Name: _gid Value: GA1.2.1475703816.1665185343
.taxfreshstartinitiative.com/	1970-01-20 06:33:05	Name: _dc_gtm_UA-75159424-3 Value: 1
.bing.com/	1970-01-20 15:54:41	Name: MUID Value: 1AACCCC72EED656B0A7DDEF12F666491
.taxfreshstartinitiative.com/	1970-01-20 16:09:05	Name: _ga_Y2MD7KEREM Value: GS1.1.1665185342.1.0.1665185342.0.0.0
.taxfreshstartinitiative.com/	1970-01-20 06:34:31	Name: _uetsid Value: d3e9fd80469711edbe3047c13ba3a9c6
.taxfreshstartinitiative.com/	1970-01-20 15:54:41	Name: _uetvid Value: d3ea2a50469711ed87f3d3fdc8ea49ac
.taxfreshstartinitiative.com/	1970-01-20 16:09:05	Name: _ga Value: GA1.2.121549769.1665185343
apply.taxfreshstartinitiative.com/	1970-01-20 15:59:00	Name: _pk_id.1.01bd Value: 1998a22b53cc7a5d.1665185343.
apply.taxfreshstartinitiative.com/	1970-01-20 06:33:07	Name: _pk_ses.1.01bd Value: 1
.taxfreshstartinitiative.com/	1970-01-20 16:02:52	Name: _scid Value: 2a46ae89-e213-42e7-bc01-1dad425ef7dd
.doubleclick.net/	1970-01-20 06:33:06	Name: test_cookie Value: CheckForPermission
.taxfreshstartinitiative.com/	1970-01-20 08:42:41	Name: _fbp Value: fb.1.1665185342874.1334483919
.t.co/	1970-01-20 16:09:05	Name: muc_ads Value: c12ac794-c687-4632-9814-a89f575f72a2
.linkedin.com/	1970-01-20 07:16:17	Name: UserMatchHistory Value: AQLdU7EhwWNa5AAAAYO0x-Vn6yJDsSGJrd8LHsPhR0UoKdZHGZ1zbW6hr13S8nKE8YrdW6DM-zHHgQ
.linkedin.com/	1970-01-20 07:16:17	Name: AnalyticsSyncHistory Value: AQJkws1rjTqTjgAAAYO0x-Vn0_dEMfQJctEpdChnGN-69fbgxM4g6sx5G9G1RnETQWqPu9viJjvg5tYh5QoGYA
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 15:18:41	Name: bcookie Value: "v=2&0021e317-98a0-4052-852f-0ad9e9c339d5"
.linkedin.com/	1970-01-20 06:34:31	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2466:u=1:x=1:i=1665185342:t=1665271742:v=2:sig=AQE6jJZIaAbZh59kSsSPkf1z1d6qaAmA"
.twitter.com/	1970-01-20 16:09:05	Name: personalization_id Value: "v1_PkjEchiCooes7Mrmfv3miQ=="
.user.com/	1970-01-20 16:09:05	Name: _ueuuid Value: OBFABmeCYFk9R308
.taxfreshstartinitiative.com/	1970-01-20 15:18:41	Name: __ca__chat Value: slzxhwicatsb
.snapchat.com/	1970-01-20 15:54:41	Name: sc_at Value: v2\|H4sIAAAAAAAAAAXBiQ0AIAgEsIlI5DnUcRRhCoa3rZQYUUZ8yskmnK4epft21g48QLrZHbygJj0+3ACS4DIAAAA=
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 15:18:41	Name: bscookie Value: "v=1&20221007232902218286a0-27d0-4904-8e12-8ec690123a67AQGq29rXpar2zxD33_gM7_JA84GitKpV"
.linkedin.com/	1970-01-20 10:52:17	Name: li_gc Value: MTswOzE2NjUxODUzNDI7MjswMjHLDMEbb4nRNr75kCGxEbifN0M8BBUQi2RufjvRW6xR2A==
www.clarity.ms/	1970-01-20 15:18:41	Name: CLID Value: 3d93e4a3294043d4bcc2b19bccb05cc9.20221007.20231007
.apply.taxfreshstartinitiative.com/	1970-01-20 15:18:41	Name: _pin_unauth Value: dWlkPVkySmhObVEyTmpndE1HWmxOQzAwWTJKakxXSmxNRGN0TVRRNU16Sm1OakZrTldZNQ
.taxfreshstartinitiative.com/	1970-01-20 15:18:41	Name: _clck Value: eeq31i\|1\|f5i\|0
apply.taxfreshstartinitiative.com/	1970-01-20 15:57:34	Name: qcSxc Value: 1665185343321
.quantserve.com/	1970-01-20 16:03:19	Name: mc Value: 6340b63f-5405b-7cc9d-8e241
.taxfreshstartinitiative.com/	1970-01-20 15:57:34	Name: __qca Value: P0-201334188-1665185343316
.getdrip.com/	1970-01-20 16:09:05	Name: _drip_visitor_1127703 Value: eyJfcmFpbHMiOnsibWVzc2FnZSI6IklqSmtNR0kzTkRBMk16bGpaalJrWWpZNE9ERmtPR1ZpWkdKaU0yRTFOREpqSWc9PSIsImV4cCI6IjIwMjQtMTAtMDdUMjM6Mjk6MDMuNjQwWiIsInB1ciI6bnVsbH19--bea605cfbee2a059c1861b17ad0ee4f8f53e43b5
apply.taxfreshstartinitiative.com/	1970-01-20 16:09:05	Name: _drip_client_1127703 Value: vid%253D2d0b740639cf4db6881d8ebdbb3a542c%2526pageViews%253D1%2526sessionPageCount%253D1%2526lastVisitedAt%253D1665185343706%2526weeklySessionCount%253D1%2526lastSessionAt%253D1665185343706
.taxfreshstartinitiative.com/	1970-01-20 06:34:31	Name: _clsk Value: 1nemm62\|1665185343961\|1\|1\|h.clarity.ms/collect
.c.bing.com/	1970-01-20 15:54:41	Name: SRM_B Value: 1AACCCC72EED656B0A7DDEF12F666491
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 15:54:41	Name: MUID Value: 1AACCCC72EED656B0A7DDEF12F666491
.c.clarity.ms/	1970-01-20 06:33:05	Name: ANONCHK Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
api.getdrip.com
app.getbeamer.com
apply.taxfreshstartinitiative.com
bat.bing.com
blitz-brands.user.com
browser.sentry-cdn.com
c.bing.com
c.clarity.ms
cdn.ckeditor.com
cdn.matomo.cloud
cdnjs.cloudflare.com
connect.facebook.net
ct.pinterest.com
d.adroll.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
h.clarity.ms
help.leadshook.com
lhcom.matomo.cloud
pixel.quantserve.com
polyfill.leadshook.io
px.ads.linkedin.com
px4.ads.linkedin.com
pxl.qccerttest.com
region1.google-analytics.com
rules.quantcount.com
s.adroll.com
s.pinimg.com
sc-static.net
secure.quantserve.com
snap.licdn.com
static.ads-twitter.com
static.leadshook.io
stats.g.doubleclick.net
t.co
tag.getdrip.com
tr.snapchat.com
widget.user.com
www.amcharts.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.linkedin.com
104.244.42.3
104.244.42.69
104.75.88.209
13.107.42.14
142.250.186.34
18.157.122.248
18.66.120.247
199.232.136.157
20.234.93.27
2001:4860:4802:32::36
205.234.175.175
2600:9000:206f:7000:6:9280:1080:93a1
2600:9000:214f:3400:11:615:7240:93a1
2600:9000:223c:a600:6:44e3:f8c0:93a1
2600:9000:223f:8600:c:7d55:b3c0:93a1
2606:4700:10::ac43:2592
2606:4700:20::681a:2ba
2606:4700:20::681a:6ba
2606:4700::6811:180e
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:801::2003
2a00:1450:4001:827::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2003
2a00:1450:400c:c08::9d
2a02:26f0:3500:16::215:149b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:400::729
2a04:4e42:62::84
34.240.197.120
35.190.43.134
51.91.31.155
52.224.31.34
54.156.135.114
54.197.224.139
65.9.66.107
65.9.66.6
99.86.4.11
99.86.4.75
00a92494627ed8f758972b7dc47b3af186497c0637ea867a33fdb604c1548674
09c86771f76b9e0b746b53abd05bb36ae2e707d5b7d44881baf09f39e50873c8
1c3d711dc328e3084694c0707d195eb823279168cb507105f51ab7887a6e55ea
20c0aa8d108074d8d1178d34ecee2013427d57193ac588863a563109044d1809
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
36b8ba6d8daab27f21a23b6f0deb326d45c7ffa2ca328f7149e0022297101006
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3f29259501183f270ed9b30dc3569b0b69c8bafb46685a5790c793ec76c2c763
410e2ee58ae8ade92b8e2065a9b6c303a3dcdd2bf4ddc382cf61f6c4c6d94667
41b758f84ab2dd5da6f7ba488813d17410ebb48bc2074d304c26d63c5ece003d
4374cb23d4b393291075dfebd501b03b0704547311d23812e3737bf91d0b6f3e
4791f9629b2ab03e00aa962848b886d9d8e709d5185fa2517b1ce4e97027f636
4a34c36eba1fc5d92f556851778a8695936a52b8a63445aaee9863b2fc6b04e8
51510eebe8a74d642709bbf7dd934586a142489105cfcfbd38c8ed9bef9819d1
535fa419a9ffd8d70d75ab6abe1cb32187388f3c9097267cd944966f4b627fdf
596c1f837665e46b78a7f0e38715a37ef6dff2ac9cb01c59da56bf5040332feb
5dd7be681380468c0eb783f46594c212474e1fad63d78b6f3805b7a958f1783b
65b0acb6696448a75af5d79f3b6d2facc8e1293f15ea7ef1aa021eb2e1f4c1a0
67aa7747c963773648253e6fdf8d7ec6ffd6408a7369af5885cd4c4c241bb5be
67e294da2e0a5b863f5ca40c02eddd1fbb0a0dba124fec3747a1674fb8ede7ac
6984dd52b9fa3b0d430e08792537376831a79e3bb8f32ff573cb357609183d0f
6ce5476fefaffbc83ef38fb38dce59f073a0586960f15796b778347755a69cbc
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
7058c7c6020497ce2de5436040f2e53b15e09c01a333b7a6074d96e8ffd7e29e
724b5f4c241ad87fdc5945eb8e3d617fff235bc2ad6cab258a5b2da6ffdf5360
73cde7a77e806402c63e2d1a83e6d82cf1329dab8800cddbe043211ecc3689af
77ae565eb8c054e6d7d1da8b47ee0d3dcacbced65719ad66a76d0dc71c37a589
78b528010803720fa52f0f93451df668e25142cd83a38917fbf525069a281b5d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7f68e2818a376ada1e4274d96f349b3e6eb3dc4eda66dcb51b859b84b92b6352
7fb5201761f6a4558eed23d12dad832422541f5ea4ed1dfce7ae1e3750bced9e
8001f30a6865a4d0a174642d213599964b0d21493404c833f36871da0c978d87
807bf403ddd2ecc9a6f12b5922b739b6956b52643f557ffcf387a0c53226889e
8252c21268e8ad2d95133f4ec25dfa99beef3ed6fdb2eb9df341741ed2f91a0a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
907ffe446b6382139ac05a8eb44154f5430954ab23f056fed39bcebcdf73015d
9555148920f70c5d0e32cfe7141dff299caf609d82c91a36ddf04565e82768dc
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b2eafec3675baf2a8d1570291500c6c027db6fced43bfc2698fbb76c050071d
9f2556e4264118d0f45702575f35ca3ebdc6d7615d98b6e81a639e287cbfc3c6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a54e22a0aae25cbaf8a332e6ad6c574c313d734317426b2af1c3f6b5933b18b1
ab75d2b0c8cc42eb0741c91c456679dd5fa0d6ea201ad0c7e50b06fe916f2c5d
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af622d7c3f64a438fe5fc1dd9e39ddc461f179e8749137f3a18998515e9c5197
af65dc0760437b9b5aaba3524f1ddf5daed4ad5aac7f37992c254d08b015cbc7
b059eed69c80f1b3140756cbf74008f01592ebdba3347383355d1c720e97f3f4
b06a47c4d73da15b24a0da54eef13ef53ce4547c6baa2abb64ce64122ce5ac25
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b57839788686bf37d29f47bbe45ad8258085e3aebf54650ab389c0b515b977e1
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b94fc29afaf066c90b8161d4a244b9867bcd6409e8f487de8f480ff1cacda1d9
c1b194fb2c0dc9fa1d0c7b4959da8d76abc79f7db35251e6953dfbbae7d7d05b
c75d8bdd1d5498551294cf4551304e5c2158b9788ac1779d03a2edd611a6c93e
c80692c2b985f79aac7e9564952e2f0a1968e88d6cf488e71ca18e85172764ef
ca004dad8a06a469ea2662a9743cacb66e9e41ea4c2583e5cdf317e7e767e03d
cbbf5adf5e1b2658e8d3679197d00f1a9e903bf9a67b283376145cefe16fef00
cc9dc21f983c2de7e3fe2723bbd25a547b831591f43603c7532b28b5960e2e78
cdcba7a929f59658000da20f172ceb43c5122235f6569bb11f3530622b0ec28f
d4538b500dbad64b4c530857d7faf7d63bf921bcab573e94160c459ce859c90d
d48bcd74ced29bf10f8a9398f1d054f2f92689dd3cddc8d813191ae2d7b2e8e4
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d8a9932951cc9de2f43c5f4d6efe1d12bc3f6867932d62645933845029c2f9c2
d97ca913935c9897ac4e255d17e14c8a3f0d8513681fe5b6736c4921fc5dd078
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed34b7cf47badd31666d6f91b4de19ab0abb60ac52d9bf01003f9ed6c6b67eb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42283e0ca17a52688c5250e714ecd1b6a53af8b0f6e54ac64546499b0ec1b19
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3

apply.taxfreshstartinitiative.com Open in urlscan Pro 54.197.224.139 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

96 %HTTPS

57 %IPv6

36 Domains

49 Subdomains

45 IPs

5 Countries

2879 kBTransfer

11401 kBSize

40 Cookies

2 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

apply.taxfreshstartinitiative.com Open in urlscan Pro
54.197.224.139 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

96 %
HTTPS

57 %
IPv6

36
Domains

49
Subdomains

45
IPs

5
Countries

2879 kB
Transfer

11401 kB
Size

40
Cookies

95 HTTP transactions
0 data transactions