urlscan.io logo urlscan.io
SecurityTrails logo

protaxpayouts.com Open in urlscan Pro
104.19.240.93  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cskxxvg2.r.us-west-2.awstrack.me/L0/https:%2F%2Fbml2.co%2Ft%2Fc%2F07d124b0-09d4-45c4-b56a-fffd89243dc6%2F018e9ba8-67b4-62f9-3fe5-...
Effective URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Submission: On April 04 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 18 domains to perform 90 HTTP transactions. The main IP is 104.19.240.93, located in and belongs to CLOUDFLARENET, US. The main domain is protaxpayouts.com.
TLS certificate: Issued by E1 on March 27th 2024. Valid for: 3 months.
This is the only time protaxpayouts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.81.112.107 16509 (AMAZON-02)
1 1 18.205.129.253 14618 (AMAZON-AES)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 34.117.6.58 396982 (GOOGLE-CL...)
17 104.19.240.93 13335 (CLOUDFLAR...)
1 2a04:4e42:600... 54113 (FASTLY)
1 2607:f8b0:400... 15169 (GOOGLE)
6 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 34.102.180.111 396982 (GOOGLE-CL...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 138.197.49.164 14061 (DIGITALOC...)
37 2600:9000:21d... 16509 (AMAZON-02)
1 108.138.106.101 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 44.219.134.219 14618 (AMAZON-AES)
10 13.225.66.230 16509 (AMAZON-02)
1 108.138.125.145 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.96.87 16509 (AMAZON-02)
1 2a03:2880:f11... 32934 (FACEBOOK)
90 18
1    35.81.112.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-81-112-107.us-west-2.compute.amazonaws.com
cskxxvg2.r.us-west-2.awstrack.me
1    18.205.129.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-129-253.compute-1.amazonaws.com
bml2.co
1    2606:4700:3035::ac43:bd85 (United States)

ASN13335 (CLOUDFLARENET, US)
setc.bluefunding.com
1    34.117.6.58 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 58.6.117.34.bc.googleusercontent.com
www.m19dtrk.com
17    104.19.240.93 (None, )

ASN13335 (CLOUDFLARENET, US)
protaxpayouts.com
1    2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2607:f8b0:4006:820::200a (United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2607:f8b0:4006:80e::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    34.102.180.111 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 111.180.102.34.bc.googleusercontent.com
www.bls29trk.com
1    2606:4700:10::ac43:29e5 (United States)

ASN13335 (CLOUDFLARENET, US)
create.lidstatic.com
1    138.197.49.164 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
ipv4.geojs.io
37    2600:9000:21da:1800:1c:37e5:3f40:21 (United States)

ASN16509 (AMAZON-02, US)
d1muf25xaso8hp.cloudfront.net
1    108.138.106.101 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-101.jfk50.r.cloudfront.net
static.hotjar.com
2    2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    44.219.134.219 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-134-219.compute-1.amazonaws.com
create.leadid.com
10    13.225.66.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-66-230.ewr53.r.cloudfront.net
d1muf25xaso8hp.cloudfront.net
1    108.138.125.145 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-125-145.jfk50.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
1    2607:f8b0:4006:80b::200e (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.164.96.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-87.jfk50.r.cloudfront.net
script.hotjar.com
1    2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
48 cloudfront.net
d1muf25xaso8hp.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
312 KB
17 protaxpayouts.com
protaxpayouts.com
1 MB
6 gstatic.com
fonts.gstatic.com
47 KB
5 leadid.com
create.leadid.com — Cisco Umbrella Rank: 13626
3 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 176
72 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 780
script.hotjar.com — Cisco Umbrella Rank: 1035
59 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
166 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 99
270 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
255 B
1 geojs.io
ipv4.geojs.io — Cisco Umbrella Rank: 86656
611 B
1 lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 25587
38 KB
1 bls29trk.com
www.bls29trk.com
19 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
887 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 332
2 KB
1 m19dtrk.com
www.m19dtrk.com
466 B
1 bluefunding.com
setc.bluefunding.com
472 B
1 bml2.co
bml2.co
272 B
1 awstrack.me
cskxxvg2.r.us-west-2.awstrack.me
207 B
90 18
Domain Requested by
47 d1muf25xaso8hp.cloudfront.net protaxpayouts.com
17 protaxpayouts.com protaxpayouts.com
6 fonts.gstatic.com fonts.googleapis.com
5 create.leadid.com create.lidstatic.com
2 connect.facebook.net protaxpayouts.com
connect.facebook.net
2 www.googletagmanager.com protaxpayouts.com
www.googletagmanager.com
1 www.facebook.com protaxpayouts.com
1 script.hotjar.com static.hotjar.com
1 www.google-analytics.com www.googletagmanager.com
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 static.hotjar.com www.googletagmanager.com
1 ipv4.geojs.io protaxpayouts.com
1 create.lidstatic.com protaxpayouts.com
1 www.bls29trk.com protaxpayouts.com
1 fonts.googleapis.com protaxpayouts.com
1 cdn.jsdelivr.net protaxpayouts.com
1 www.m19dtrk.com 1 redirects
1 setc.bluefunding.com 1 redirects
1 bml2.co 1 redirects
1 cskxxvg2.r.us-west-2.awstrack.me 1 redirects
90 20

This site contains no links.

Subject Issuer Validity Valid
protaxpayouts.com
E1		 2024-03-27 -
2024-06-25		 3 months crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-09-27 -
2024-10-28		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
bls29trk.com
Starfield Secure Certificate Authority - G2		 2023-05-12 -
2024-05-12		 a year crt.sh
lidstatic.com
E1		 2024-03-27 -
2024-06-25		 3 months crt.sh
get-test.geojs.io
R3		 2024-02-05 -
2024-05-05		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
*.hotjar.com
Amazon ECDSA 256 M03		 2024-02-07 -
2025-03-08		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-12 -
2024-04-11		 3 months crt.sh
create.leadid.com
Amazon RSA 2048 M02		 2023-08-21 -
2024-09-17		 a year crt.sh

This page contains 2 frames:

Primary Page: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Frame ID: 5EF15824D861D29C2347C38922C6A8E8
Requests: 89 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=78425C33-5104-828E-086C-3DF2CDAAA38F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=203C13FE-967D-017A-0CD4-26F1760711A9&lac=54386448-36AC-86ED-3CA2-6D2E9804120D
Frame ID: B1F36C0462D1D5EA0966882162ABB20E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Pro Tax Payouts

Page URL History Show full URLs

  1. https://cskxxvg2.r.us-west-2.awstrack.me/L0/https:%2F%2Fbml2.co%2Ft%2Fc%2F07d124b0-09d4-45c4-b56a-fffd89243dc6%2F018e... HTTP 302
    https://bml2.co/t/c/07d124b0-09d4-45c4-b56a-fffd89243dc6/018e9ba8-67b4-62f9-3fe5-209cdb197873 HTTP 302
    https://setc.bluefunding.com/?sub1=email1&sub2=top&sub3=list2 HTTP 301
    https://www.m19dtrk.com/3C3SW9/4LQKR6T/?sub1=email1&sub2=top&sub3=list2 HTTP 302
    https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

90
Requests

99 %
HTTPS

48 %
IPv6

18
Domains

20
Subdomains

18
IPs

2
Countries

1910 kB
Transfer

7117 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cskxxvg2.r.us-west-2.awstrack.me/L0/https:%2F%2Fbml2.co%2Ft%2Fc%2F07d124b0-09d4-45c4-b56a-fffd89243dc6%2F018e9ba8-67b4-62f9-3fe5-209cdb197873/1/0101018ea868641e-6337cefb-e26f-46c0-8682-c7d3f2a460c4-000000/E-tQpmKOBUG1CaboWsjTPNZMC3g=369 HTTP 302
    https://bml2.co/t/c/07d124b0-09d4-45c4-b56a-fffd89243dc6/018e9ba8-67b4-62f9-3fe5-209cdb197873 HTTP 302
    https://setc.bluefunding.com/?sub1=email1&sub2=top&sub3=list2 HTTP 301
    https://www.m19dtrk.com/3C3SW9/4LQKR6T/?sub1=email1&sub2=top&sub3=list2 HTTP 302
    https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
protaxpayouts.com/v4/
Redirect Chain
  • https://cskxxvg2.r.us-west-2.awstrack.me/L0/https:%2F%2Fbml2.co%2Ft%2Fc%2F07d124b0-09d4-45c4-b56a-fffd89243dc6%2F018e9ba8-67b4-62f9-3fe5-209cdb197873/1/0101018ea868641e-6337cefb-e26f-46c0-8682-c7d3...
  • https://bml2.co/t/c/07d124b0-09d4-45c4-b56a-fffd89243dc6/018e9ba8-67b4-62f9-3fe5-209cdb197873
  • https://setc.bluefunding.com/?sub1=email1&sub2=top&sub3=list2
  • https://www.m19dtrk.com/3C3SW9/4LQKR6T/?sub1=email1&sub2=top&sub3=list2
  • https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
75853ee46a0e4c897e8aba85c4bc92649b8d238d1ec54bb635e755087665cc4d

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store
cf-cache-status
DYNAMIC
cf-ray
86f04fc04f608758-MIA
content-encoding
br
content-type
text/html
date
Thu, 04 Apr 2024 09:36:00 GMT
referrer-policy
origin
server
cloudflare
vary
Accept-Encoding
x-bubble-capacity-limit
0 ms slower
x-bubble-capacity-used
0.112 unit-seconds used
x-bubble-perf
{"total":159.7,"percents":{"top":{"bubble_cpu":30.3,"block":68.7,"capacity_rl":0,"other_pause":0,"pre_fiber":0.4},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":15.2,"appserver_cache_misses_time":0,"redis":55.6,"fiber_queue":3.2,"capacity_wait":1.2}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":9,"derived_cache_memory_misses":9,"serverjson":28,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":81,"fiber_queue":79,"blocks":78},"misc":{"userdb_results":1,"userdb_data":206,"spent_time":7252032}}
x-powered-by
Express

Redirect headers

accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
content-type
text/html; charset=utf-8
date
Thu, 04 Apr 2024 09:35:59 GMT
location
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
server
nginx
vary
Origin
via
1.1 google
x-eflow-request-id
de8db643-d33c-4c29-8717-c4d260e1159b
early.js
protaxpayouts.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:00 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":52.6,"percents":{"top":{"bubble_cpu":15.6,"block":82.4,"capacity_rl":0,"other_pause":0,"pre_fiber":1.1},"sub":{"pp_userdb":1.9,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":17.3,"fiber_queue":1.8,"capacity_wait":2.8}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":12,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":1233392}}
age
3171555
x-powered-by
Express
x-bubble-capacity-used
0.019 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
86f04fc249288758-MIA
x-bubble-capacity-limit
0 ms slower
run.css
protaxpayouts.com/package/run_css/1bf0ea57d9d232be207b0c61220e206671a0b2c55aa042350bee0895a4d3051e/protaxpayouts/live/v4/xfalse/xfalse/ 		346 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/package/run_css/1bf0ea57d9d232be207b0c61220e206671a0b2c55aa042350bee0895a4d3051e/protaxpayouts/live/v4/xfalse/xfalse/run.css
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ed59150544a982355fcb4cc4eacb98ecbbfbfb87a0645e29f45c45514fa2d9a9

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:00 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":147.8,"percents":{"top":{"bubble_cpu":29,"block":70.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.6},"sub":{"pp_userdb":1.4,"pp_wait_userdb":0,"http_request":0,"serverjson":6.3,"appserver_cache_misses_time":0,"redis":26.8,"fiber_queue":1.8,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":2,"derived_cache_memory_misses":2,"serverjson":13,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":38,"fiber_queue":47,"blocks":46},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":6433937}}
age
47389
cf-polished
origSize=455119
x-powered-by
Express
x-bubble-capacity-used
0.099 unit-seconds used
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
86f04fc249268758-MIA
x-bubble-capacity-limit
0 ms slower
pre_run_jquery.js
protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:00 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":116.5,"percents":{"top":{"bubble_cpu":7.7,"block":92.1,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":7.7,"pp_wait_userdb":0,"http_request":0,"serverjson":3.9,"appserver_cache_misses_time":0,"redis":17.4,"fiber_queue":1.4,"capacity_wait":1.5}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":25,"blocks":24},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":8346854}}
age
30990
x-powered-by
Express
x-bubble-capacity-used
0.128 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
86f04fc249298758-MIA
x-bubble-capacity-limit
0 ms slower
run.js
protaxpayouts.com/package/run_js/3395dc66762cb702b37723fbb3abed41b8cbafed17b20a9e7a9c0a118cdb6533/xfalse/x25/ 		3 MB
711 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/package/run_js/3395dc66762cb702b37723fbb3abed41b8cbafed17b20a9e7a9c0a118cdb6533/xfalse/x25/run.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
16ec133e2db0969ab924a6f5d9d4cd4db54c39264c3ac8b4d9dae1d61b9c7927

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:00 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":165.4,"percents":{"top":{"bubble_cpu":14.4,"block":84.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.9},"sub":{"pp_userdb":1.2,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":17.7,"fiber_queue":1.2,"capacity_wait":3.5}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":16,"fiber_queue":18,"blocks":17},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":3579764}}
age
123145
x-powered-by
Express
x-bubble-capacity-used
0.055 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
86f04fc2492a8758-MIA
x-bubble-capacity-limit
0 ms slower
static.js
protaxpayouts.com/package/static_js/078ad53dac71fc877fe09dee9aa3a29c3b05e70862977a3dd9684958ae920347/protaxpayouts/live/v4/xnull/xfalse/xfalse/xfalse/ 		933 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/package/static_js/078ad53dac71fc877fe09dee9aa3a29c3b05e70862977a3dd9684958ae920347/protaxpayouts/live/v4/xnull/xfalse/xfalse/xfalse/static.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
61e3d08402e2d2ecb03cccc2324075441c67c7c5742102eccd1849f8e51996de

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:00 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":174.4,"percents":{"top":{"bubble_cpu":30.3,"block":68.5,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":1.1,"pp_wait_userdb":0,"http_request":0,"serverjson":8.2,"appserver_cache_misses_time":0,"redis":30.4,"fiber_queue":3.1,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":7,"derived_cache_memory_misses":7,"serverjson":14,"appserver_cache_attempts":2,"appserver_mem_cache_hits":0,"appserver_cache_hits":2,"appserver_cache_misses":0,"redis":48,"fiber_queue":50,"blocks":49},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":7917713}}
age
47389
x-powered-by
Express
x-bubble-capacity-used
0.122 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
86f04fc2492b8758-MIA
x-bubble-capacity-limit
0 ms slower
dynamic.js
protaxpayouts.com/package/dynamic_js/6d280aa644dd4ddb49b8c0ea56f40d0ff564b60a91954123c37f7930a279accd/protaxpayouts/live/v4/xnull/xfalse/xfalse/en_us/xfalse/xfalse/ 		1 MB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/package/dynamic_js/6d280aa644dd4ddb49b8c0ea56f40d0ff564b60a91954123c37f7930a279accd/protaxpayouts/live/v4/xnull/xfalse/xfalse/en_us/xfalse/xfalse/dynamic.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6070b161eaea7b2dff35dd05dfd9d41d3955d8aa96283bd3e5c402640e6f07f2

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:00 GMT
content-encoding
br
cf-cache-status
HIT
x-bubble-perf
{"total":342.9,"percents":{"top":{"bubble_cpu":8.5,"block":91.2,"capacity_rl":0,"other_pause":0,"pre_fiber":0.3},"sub":{"pp_userdb":1.2,"pp_wait_userdb":0.3,"http_request":0,"serverjson":2,"appserver_cache_misses_time":0,"redis":37.2,"fiber_queue":0.7,"capacity_wait":0.6}},"counts":{"pp_userdb":2,"http_request":0,"derived_build":0,"derived_cache_attempts":4,"derived_cache_memory_misses":4,"serverjson":6,"appserver_cache_attempts":1,"appserver_mem_cache_hits":0,"appserver_cache_hits":1,"appserver_cache_misses":0,"redis":32,"fiber_queue":35,"blocks":34},"misc":{"userdb_results":1,"userdb_data":4,"spent_time":9372463}}
age
2297
x-powered-by
Express
x-bubble-capacity-used
0.144 unit-seconds used
alt-svc
h3=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
cf-ray
86f04fc2492c8758-MIA
x-bubble-capacity-limit
0 ms slower
production.min.js
cdn.jsdelivr.net/gh/joeymalvinni/webrtc-ip/dist/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/joeymalvinni/webrtc-ip/dist/production.min.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a6733e85a8e7daed51893fb8c1ec84fcb06627dc8b78dc614ad85ca967a6501
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 04 Apr 2024 09:36:00 GMT
x-content-type-options
nosniff
content-encoding
br
age
731
x-jsd-version
3.5.4
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1185
x-served-by
cache-fra-etou8220066-FRA, cache-mia-kmia1760055-MIA
x-jsd-version-type
version
etag
W/"10b2-wWyor/Ey3d2s5Lzum+lBNIcSW5A"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
css
fonts.googleapis.com/ 		4 KB
887 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300%7CPoppins:regular%7CPoppins:500%7CPoppins:600%7CPoppins:700%7CPoppins:800
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/early_js/05ae9fe83d6b755291132aab9d325d70918aafd336da1bd91a41a31c8b25734b/early.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:820::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3f78e051d78d87c99e6b286503b34402e82e741415039790bb9e9eaabce7493
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 04 Apr 2024 09:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 09:36:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 04 Apr 2024 09:36:00 GMT
data
protaxpayouts.com/api/1.1/init/ 		283 B
866 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/api/1.1/init/data?location=https%3A%2F%2Fprotaxpayouts.com%2Fv4%2F%3Fefclick%3D1916d551a1654a14b9c37d48dbef95fd%26aid%3D52
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
6ced6c3ed2531ea2fe7ad37c549fe58bddcd2c3fbe522cb477078beb8a8b74eb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:00 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":38,"percents":{"top":{"bubble_cpu":24.3,"block":73.7,"capacity_rl":0,"other_pause":0,"pre_fiber":1.3},"sub":{"pp_userdb":15.8,"pp_wait_userdb":0,"http_request":0,"serverjson":19,"appserver_cache_misses_time":0,"redis":52.1,"fiber_queue":2.5,"capacity_wait":5.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":21,"fiber_queue":23,"blocks":22},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":7382605}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.114 unit-seconds used
cf-ray
86f04fc2a98a8758-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300%7CPoppins:regular%7CPoppins:500%7CPoppins:600%7CPoppins:700%7CPoppins:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 15:49:11 GMT
x-content-type-options
nosniff
age
150409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 15:49:11 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300%7CPoppins:regular%7CPoppins:500%7CPoppins:600%7CPoppins:700%7CPoppins:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 03:02:31 GMT
x-content-type-options
nosniff
age
196409
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 03:02:31 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300%7CPoppins:regular%7CPoppins:500%7CPoppins:600%7CPoppins:700%7CPoppins:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:06:05 GMT
x-content-type-options
nosniff
age
210595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 23:06:05 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300%7CPoppins:regular%7CPoppins:500%7CPoppins:600%7CPoppins:700%7CPoppins:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 04:35:26 GMT
x-content-type-options
nosniff
age
190834
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 04:35:26 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300%7CPoppins:regular%7CPoppins:500%7CPoppins:600%7CPoppins:700%7CPoppins:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 11:09:35 GMT
x-content-type-options
nosniff
age
167185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Apr 2025 11:09:35 GMT
pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDD4Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300%7CPoppins:regular%7CPoppins:500%7CPoppins:600%7CPoppins:700%7CPoppins:800
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://fonts.googleapis.com/
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 23:11:51 GMT
x-content-type-options
nosniff
age
210249
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7824
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 01 Apr 2025 23:11:51 GMT
gtm.js
www.googletagmanager.com/ 		190 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PXHTJH46
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8d906d488151fca48c286ed08783fbd72524a48ba0248c6c9974d234126c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70162
x-xss-protection
0
last-modified
Thu, 04 Apr 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 04 Apr 2024 09:36:01 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://protaxpayouts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
everflow.js
www.bls29trk.com/scripts/sdk/ 		60 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bls29trk.com/scripts/sdk/everflow.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.180.111 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
111.180.102.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
536e0080feee86359e5a5e8e39b079d19bfd406c60635a43f2835e88da3a7c4f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
content-encoding
gzip
via
1.1 google
accept-ch
Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
server
nginx
vary
Origin
content-type
text/javascript
cache-control
max-age=14400
x-eflow-request-id
fa57ece9-0b5c-4cd4-bd43-2a85261b7d09
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
203c13fe-967d-017a-0cd4-26f1760711a9.js
create.lidstatic.com/campaign/ 		121 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://create.lidstatic.com/campaign/203c13fe-967d-017a-0cd4-26f1760711a9.js?snippet_version=2
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
857f395a6792ca75b75c3d369513c440a225109fd3e55fe7719d52150dc509e6

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
x-amz-version-id
WiReuvQlEZKewNZ..5vqRkFWyJngrXmI
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
RDJYZJ4XH5BD3NP0
x-amz-server-side-encryption
AES256
x-amz-replication-status
COMPLETED
x-amz-id-2
a86HrXSre8OgAUNc9BT90sayfZJoBDzxvyNDtbZfUQQTHz+SUo3onAbca0LBf8/Y4bhP3Fnuv94=
last-modified
Wed, 20 Mar 2024 12:30:03 GMT
server
cloudflare
etag
W/"50d6563c9bf6db64cb02a8cc155b7c84"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
86f04fc8da3e21f9-MIA
geo.json
ipv4.geojs.io/v1/ip/ 		341 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.geojs.io/v1/ip/geo.json
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.197.49.164 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
openresty /
Resource Hash
646b5f26a099a12f06e31038fa7d6de8677556f7994aea190c36303a9a3e287a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept
*/*
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-geojs-location
NYC
pragma
no-cache
date
Thu, 04 Apr 2024 09:36:01 GMT
strict-transport-security
max-age=15768000
server
openresty
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
x-request-id
82396d6867ae68d0c481df400ff6f170-NYC
hi
protaxpayouts.com/user/ 		57 B
858 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/user/hi
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
afeb84dd7c988348a37cbd986bf1c6ee86353e3e210e4ccdf566fa2342c77ac8

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1712223360966x392933215729063040
X-Bubble-Fiber-ID
1712223361424x410165522212613950
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
Referer
https://protaxpayouts.com/

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":18.7,"percents":{"top":{"bubble_cpu":24.4,"block":70,"capacity_rl":0,"other_pause":0,"pre_fiber":4.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":22.4,"appserver_cache_misses_time":0,"redis":57.7,"fiber_queue":4.1,"capacity_wait":9.9}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":13,"fiber_queue":14,"blocks":13},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":682328}}
server
cloudflare
x-bubble-appname
protaxpayouts
x-powered-by
Express
x-bubble-request-took
18
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.01 unit-seconds used
cf-ray
86f04fc90a6a2589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698888591x452444752346095300%2Fptp.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698888591x452444752346095300%2Fptp.png?w=384&h=123&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b6f498c5de3b002326b917d7191e1b5d05a3e0c68bf2a7b9c79aa7ae2e7f22d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 14:03:56 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1540656
x-cache
Hit from cloudfront
x-imgix-id
b00beef5b07effabb0cc10a12a642e5982f83bf4
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7019
x-served-by
cache-sjc1000117-SJC, cache-iad-kcgs7200057-IAD
last-modified
Sun, 17 Mar 2024 13:38:25 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
MkL4C-TJIJ_d9WDvhrYPGS_qcflnc0_YsSxtqcwE0w-N6Rh8LgDARw==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041529232x307455324007315650%2Fimg-1.ac76cc2.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041529232x307455324007315650%2Fimg-1.ac76cc2.png?w=96&h=54&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
865a29016cdf521fefe0ea5a57850d520972657b60b35b887be09e9d0c9f1849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
653706
x-cache
Hit from cloudfront
x-imgix-id
5e8654ff3cf76bad56786bd1e46a0fbc5e55cc61
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1628
x-served-by
cache-sjc1000115-SJC, cache-iad-kjyo7100096-IAD
last-modified
Wed, 27 Mar 2024 20:00:55 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ortlz5pMoH71A8T_amly8t9Dyh03zE_4BK5GpnY5KXS4ucrFsWETkw==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041539808x248149398514115650%2Fimg-2.72c77c0.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041539808x248149398514115650%2Fimg-2.72c77c0.png?w=48&h=86&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fe7481706a55f66b10650b74deb04ed78564944007fd7dcf50638a369ea97665
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
913188
x-cache
Hit from cloudfront
x-imgix-id
9648a8f0e98322fc05d1e8a95380da7be36fa584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1795
x-served-by
cache-sjc1000145-SJC, cache-iad-kcgs7200030-IAD
last-modified
Sun, 24 Mar 2024 19:56:13 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1YJI9QNxZ4w1gVZJcX8bQYhjhH7OcjTFqtiukzQpLaxAz4VmqHrRfw==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041558233x152419338647863840%2Fimg-3.61d42d8.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041558233x152419338647863840%2Fimg-3.61d42d8.png?w=96&h=35&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c3bdacf9461e18969932745ed91bfd8fef61aa92a71e534600ff94d8ace82bac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:12 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1968826
x-cache
Hit from cloudfront
x-imgix-id
6405e4c757e1be57b3faac8a5760dba2ca72f852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1903
x-served-by
cache-sjc1000107-SJC, cache-iad-kjyo7100100-IAD
last-modified
Tue, 12 Mar 2024 14:42:15 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
qz_g0uvyDzCub0FYdp1xJQ65JLvk1r4CZ84kUB04aiDBOB2vBopAag==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041564096x199627280331761800%2Fimg-4.5444431.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041564096x199627280331761800%2Fimg-4.5444431.png?w=128&h=25&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fd1c1ca3379b65fedc859d8cd23b958c89692a9ad0cb57bae0098922c2734cc8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
913188
x-cache
Hit from cloudfront
x-imgix-id
afbadda47ebeb1a4beb715b77c8676118eb5add6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1916
x-served-by
cache-sjc10066-SJC, cache-iad-kiad7000119-IAD
last-modified
Sun, 24 Mar 2024 19:56:13 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
f_vAFvPiRz_5CJ13d9BIbPJTEyINWHBgbbiywc-ylJ-CcM-vu-u2iA==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041571757x698245854828185300%2Fimg-5.2116970.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041571757x698245854828185300%2Fimg-5.2116970.png?w=128&h=18&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
696eaad02011c009a8bb3e9c3796a2e6ecf85459bde131927893de69aea598ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
913188
x-cache
Hit from cloudfront
x-imgix-id
ea94ad43b0b57837f1ebd4900ec3a6fe07b9f136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1770
x-served-by
cache-sjc1000143-SJC, cache-iad-kiad7000158-IAD
last-modified
Sun, 24 Mar 2024 19:56:13 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
S2St5d-ViSh-MT4aiagX16vKVH_MOTvvldmllmP79cffsJpSyy69FQ==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041580289x469485673360457800%2Fimg-6.20141e6.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041580289x469485673360457800%2Fimg-6.20141e6.png?w=128&h=36&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
12c2a3a547ea0bebbce2351010f3d33915f617153126aea558503cc09f3450c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1974209
x-cache
Hit from cloudfront
x-imgix-id
17fb127410065e9ceb772321d79530d7354daec1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1934
x-served-by
cache-sjc1000091-SJC, cache-iad-kjyo7100166-IAD
last-modified
Tue, 12 Mar 2024 13:12:31 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
-G6sixZttgnv76TcMf-Q9Z4XRg9YlxJBN5I5aRH0whgAifATDtVH2w==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041585372x881696922757155300%2Fimg-7.b6a1764.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041585372x881696922757155300%2Fimg-7.b6a1764.png?w=96&h=32&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8a4422c15d2795bf2e533e825ce400f037c5ac359fc164953a9a175c5bdba54c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 11:55:01 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1327822
x-cache
Hit from cloudfront
x-imgix-id
c4520129b6d4278299d39608ce7f3cff8fa422cb
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1550
x-served-by
cache-sjc10053-SJC, cache-iad-kcgs7200161-IAD
last-modified
Wed, 20 Mar 2024 00:45:40 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
4ptQ1c1HTkhjM4ZYJTcgr-J7BYWNF4XyQjE1_8G0fPgoFJJo-Y8i1Q==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041591472x397536251855640700%2Fimg-8.292131f.png
d1muf25xaso8hp.cloudfront.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041591472x397536251855640700%2Fimg-8.292131f.png?w=128&h=25&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
bee85665677a8310c3ae0b183621d88c62d021d6caaadc35dc49ff100275bafe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 20:58:42 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1521418
x-cache
Hit from cloudfront
x-imgix-id
f02a968fddf897e55004b3286ad5704e9921f07a
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1163
x-served-by
cache-sjc10030-SJC, cache-iad-kiad7000121-IAD
last-modified
Sun, 17 Mar 2024 18:59:03 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
eHMicoJrSi1-W2M5gT5bqU7SGTS0nq9RVbUfzi18rviB23W0TLWVmg==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041597551x144125875654037800%2Fimg-9.b3b1b5a.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041597551x144125875654037800%2Fimg-9.b3b1b5a.png?w=192&h=24&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
6cdae06921b72c3eda7fb09d4aa41077aa8ba42a691ceb2a2fc61eef103e78f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 16:32:53 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
839333
x-cache
Hit from cloudfront
x-imgix-id
bf2b234264a29ec4f90b4c0fa36ad520a899f66f
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2508
x-served-by
cache-sjc1000092-SJC, cache-iad-kcgs7200104-IAD
last-modified
Mon, 25 Mar 2024 16:27:08 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
8PKyGq18JPEz1YMFZ7OT_YjB-1I8uVxLBNMa_lXPkJtYsvnbGVxYlg==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041606748x279253220560156770%2Fimg-10.8fac322.png
d1muf25xaso8hp.cloudfront.net/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041606748x279253220560156770%2Fimg-10.8fac322.png?w=256&h=25&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
87d0b8e09129b3a04c34f9147232f466293db457f94716004a781ffe113ac67c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
2258900
x-cache
Hit from cloudfront
x-imgix-id
257603890ddf10e54363cdd853f99d9970726dcd
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2999
x-served-by
cache-sjc1000110-SJC, cache-iad-kcgs7200037-IAD
last-modified
Sat, 09 Mar 2024 06:07:40 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
h2zDn-iECStrddlWo9uacU5yWFo0DU8SdbvY8Ko6Bn9ycaHnYH439w==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697777789x143445194643106560%2Fimage-removebg-preview%2520%25284%2529.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697777789x143445194643106560%2Fimage-removebg-preview%2520%25284%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
dc6d20ba246008c3d2cb192b9b42e70603806620f33aca3ea00046ddfc2088c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:00:17 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1974004
x-cache
Hit from cloudfront
x-imgix-id
fa43705c198387cf849b3b7a451221ed9bc56288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6794
x-served-by
cache-sjc1000091-SJC, cache-iad-kiad7000127-IAD
last-modified
Tue, 12 Mar 2024 13:15:57 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
dwMEaujNcuv11Au5U5xcFcC3t6-9v-OEhCJgUBOJs4WOCE8pcIUMVA==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697790423x511501791887445360%2Fimage-removebg-preview%2520%25285%2529.png
d1muf25xaso8hp.cloudfront.net/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697790423x511501791887445360%2Fimage-removebg-preview%2520%25285%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e74cc2aa8d4c66a7ed2ac0c6c68f56793c14d19ea3c3b6fcfb53a7e2bc0f75f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 20:47:32 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1383178
x-cache
Hit from cloudfront
x-imgix-id
ec9463f5737c823badbcdaeb7ecedc78a5ea6c27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5007
x-served-by
cache-sjc1000140-SJC, cache-iad-kjyo7100081-IAD
last-modified
Tue, 19 Mar 2024 09:23:03 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0m0ViVFv4o01Wq31_y95SGFYHSnD6QgnRN8ypSNfi1Ii9QJZCxxmlA==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697798010x324032103942441660%2Fimage-removebg-preview%2520%25286%2529.png
d1muf25xaso8hp.cloudfront.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697798010x324032103942441660%2Fimage-removebg-preview%2520%25286%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
69b60dc7d60a21c721ae35cbdc2c21a535dbe6bb144cec4fe7f51c0747fde63c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 22:13:45 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1126966
x-cache
Hit from cloudfront
x-imgix-id
58de4527f08572816b9cb9506de3c3df7db6df20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9619
x-served-by
cache-sjc10058-SJC, cache-iad-kjyo7100098-IAD
last-modified
Fri, 22 Mar 2024 08:33:15 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
77kZ6LmMawFmRjsdeuP0nK8YnOswbNsRmr8Wln210E_zU4baFFYneQ==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697975335x310187733999592200%2Fanastasiia-chepinska-OBmBHmrc3pw-unsplash.jpg
d1muf25xaso8hp.cloudfront.net/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697975335x310187733999592200%2Fanastasiia-chepinska-OBmBHmrc3pw-unsplash.jpg?w=512&h=350&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
dd444caec4a7753bb954eb068b9ca3814b972f2585c9f1757b419a612ffc7ca5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1327821
x-cache
Hit from cloudfront
x-imgix-id
f84d914c6b9c1d07a18ee2a5f79926632cad22bd
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14937
x-served-by
cache-sjc1000106-SJC, cache-iad-kiad7000034-IAD
last-modified
Wed, 20 Mar 2024 00:45:40 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
GvjJnVNiDw6w-Nx7bRNnmLF_bl_BP-xAts_er87bsjX6DBIoRhH_Wg==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698018586x985349979008050000%2Falexander-mils-lCPhGxs7pww-unsplash.jpg
d1muf25xaso8hp.cloudfront.net/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698018586x985349979008050000%2Falexander-mils-lCPhGxs7pww-unsplash.jpg?w=512&h=350&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
aa9ceea7e8155d7755cfbb8e07613fd88127a69e3f5904b4a967131508fa1f0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 22:13:45 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1327821
x-cache
Hit from cloudfront
x-imgix-id
c9825c88112701aaa4e40d3e085ec9605c93e8a8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25594
x-served-by
cache-sjc1000130-SJC, cache-iad-kjyo7100147-IAD
last-modified
Wed, 20 Mar 2024 00:45:40 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
GRjvsEq3KTLtGlxnzVQDuERG65j0adYAp9GnhTB2VkPvVFMGi4kxsQ==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698084736x895089719566697000%2FScreen%2520Shot%25202023-11-22%2520at%25206.07.46%2520PM.png
d1muf25xaso8hp.cloudfront.net/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698084736x895089719566697000%2FScreen%2520Shot%25202023-11-22%2520at%25206.07.46%2520PM.png?w=512&h=349&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
2bf03e6e77410f67e366e8399b6c7292e37a9016c11b58ac8fba04399727d019
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:54 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
301207
x-cache
Hit from cloudfront
x-imgix-id
a8a06b67ccdba6d7731f1d7350e926880a305d1f
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24932
x-served-by
cache-sjc10038-SJC, cache-iad-kjyo7100032-IAD
last-modified
Sun, 31 Mar 2024 21:55:53 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0ZKTRY8x7kSinX7CRPpyKPXNVJ6HK-GCbCioGL_wFgWmNkG1Qzkf7g==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698338760x732500415730632100%2Fimage-removebg-preview%2520%25287%2529.png
d1muf25xaso8hp.cloudfront.net/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698338760x732500415730632100%2Fimage-removebg-preview%2520%25287%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
27532d9837b9943ee49dad09e51f6d2ae7e3746c8bc5979ed754b95e0cf85ed0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 16:32:53 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
498660
x-cache
Hit from cloudfront
x-imgix-id
400dbae4a51210f0d98bf09f2ccf09359274e76a
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5142
x-served-by
cache-sjc1000108-SJC, cache-iad-kjyo7100105-IAD
last-modified
Fri, 29 Mar 2024 15:05:01 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
FKyfLUPg0UVVmRXApgViKofPjK6O7W6i-kotRKnowJLdWNEMtA2erw==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698347245x639944879127290600%2Fimage-removebg-preview%2520%25288%2529.png
d1muf25xaso8hp.cloudfront.net/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698347245x639944879127290600%2Fimage-removebg-preview%2520%25288%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d96e1e5fb733421bd3de02a418d5c6458706328d469871b840f602523c5d54a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1331814
x-cache
Hit from cloudfront
x-imgix-id
f7a15b003dcceff5e1a281c9c9665675f5f216f6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8285
x-served-by
cache-sjc10066-SJC, cache-iad-kiad7000136-IAD
last-modified
Tue, 19 Mar 2024 23:39:07 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
NMqSLNAPBNtozxxt2bBGBAe7SiLEcTxQYT5gRRke9S3FqfOvNnR3zg==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698361359x227017435155707940%2Fimage-removebg-preview%2520%25289%2529.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698361359x227017435155707940%2Fimage-removebg-preview%2520%25289%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
7f38486ecab114203dd690f99c093ee3593c4853aa7fd9565054863590e30250
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 10:53:41 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1974004
x-cache
Hit from cloudfront
x-imgix-id
2ed8cb640748a05712b32912e0690f40b215b192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7107
x-served-by
cache-sjc10025-SJC, cache-iad-kiad7000119-IAD
last-modified
Tue, 12 Mar 2024 13:15:57 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
lO-CugW00ZOHq8K4E-t806BJ85kPm_4_cyxlf3yPe4NLsAgWWqZbww==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051595397x733142787957629800%2Fimg-11.f00a2a7.png
d1muf25xaso8hp.cloudfront.net/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051595397x733142787957629800%2Fimg-11.f00a2a7.png?w=256&h=62&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
0174cee09d6a15293b39e28858e70d6a39683517c9f90a1b1c101e843b4faf11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1974210
x-cache
Hit from cloudfront
x-imgix-id
131374a6104715bc13b2b5838e6bc80d4cbacd49
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2977
x-served-by
cache-sjc1000135-SJC, cache-iad-kcgs7200139-IAD
last-modified
Tue, 12 Mar 2024 13:12:31 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
84a7oJXSfhAQBTNYD_ua9co1ziPCv2dXAvBtOzsyr8J_lg8LCxibgA==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051612445x531203005259321900%2Fimg-12.efc10db.png
d1muf25xaso8hp.cloudfront.net/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051612445x531203005259321900%2Fimg-12.efc10db.png?w=256&h=52&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
163e0d400c210755460d75f97b54a5a4644f40a7a8d79c09a2c4de033c11a045
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
2258902
x-cache
Hit from cloudfront
x-imgix-id
a9d24443084af4343f4c7adb88ab6b69f186c5d0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3084
x-served-by
cache-sjc10029-SJC, cache-iad-kjyo7100022-IAD
last-modified
Sat, 09 Mar 2024 06:07:40 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
GFV1d5eDLeS5MesFKVhoduARf1K8veoz9jR0FOw2HQ_keRQs76x4VQ==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698904624x337183130758969660%2Fptp.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698904624x337183130758969660%2Fptp.png?w=384&h=123&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b6f498c5de3b002326b917d7191e1b5d05a3e0c68bf2a7b9c79aa7ae2e7f22d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 14:03:59 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1540656
x-cache
Hit from cloudfront
x-imgix-id
224d19e94ef1050f1b3c5983162952480edfab57
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7019
x-served-by
cache-sjc1000109-SJC, cache-iad-kiad7000165-IAD
last-modified
Sun, 17 Mar 2024 13:38:25 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
c_u3MQhCnrWnjYnebvl5jB9UAgK857WXQylUSfBcM7uPTBYZITeWQg==
MaterialIcons-Regular.woff2
protaxpayouts.com/static/fonts/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/static/fonts/MaterialIcons-Regular.woff2
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/run_css/1bf0ea57d9d232be207b0c61220e206671a0b2c55aa042350bee0895a4d3051e/protaxpayouts/live/v4/xfalse/xfalse/run.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/package/run_css/1bf0ea57d9d232be207b0c61220e206671a0b2c55aa042350bee0895a4d3051e/protaxpayouts/live/v4/xfalse/xfalse/run.css
Origin
https://protaxpayouts.com
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-bubble-perf
{"total":14.1,"percents":{"top":{"bubble_cpu":20.2,"block":75.7,"capacity_rl":0,"other_pause":0,"pre_fiber":3.1},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":14.4,"fiber_queue":2.4,"capacity_wait":58.6}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":6,"fiber_queue":8,"blocks":7},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":426743}}
age
3167244
x-powered-by
Express
x-bubble-capacity-used
0.007 unit-seconds used
alt-svc
h3=":443"; ma=86400
content-length
128360
server
cloudflare
etag
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
86f04fc9aac02589-MIA
x-bubble-capacity-limit
0 ms slower
msearch
protaxpayouts.com/elasticsearch/ 		1013 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/elasticsearch/msearch
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ce135cac82aeedf211bd7357c763b24c4e5302b7bd7decc21fff4a7be4be8f1b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Epoch-Name
Epoch: Runmode page fully loaded
X-Bubble-Epoch-ID
1712223360966x392933215729063040
X-Bubble-Fiber-ID
1712223361539x310353427398621060
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
Referer
https://protaxpayouts.com/

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":30.8,"percents":{"top":{"bubble_cpu":31.7,"block":64.5,"capacity_rl":0,"other_pause":0,"pre_fiber":2.4},"sub":{"pp_userdb":13,"pp_wait_userdb":0,"http_request":0,"serverjson":16.8,"appserver_cache_misses_time":0,"redis":45.8,"fiber_queue":3.1,"capacity_wait":7.3}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":17,"fiber_queue":17,"blocks":16},"misc":{"userdb_results":2,"userdb_data":1590,"spent_time":3466701}}
server
cloudflare
x-bubble-appname
protaxpayouts
x-powered-by
Express
x-bubble-request-took
31
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.053 unit-seconds used
cf-ray
86f04fc9bac62589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
js
www.googletagmanager.com/gtag/ 		291 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3L798PWCB0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXHTJH46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bae516e25e06b5e57d86574291ad7b4ce5250ff554bd3f123ec247ab551f8bf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
99368
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 04 Apr 2024 09:36:01 GMT
hotjar-3804385.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3804385.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PXHTJH46
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-101.jfk50.r.cloudfront.net
Software
/
Resource Hash
6170cbb07f456e9891d6a9cbb92961027d6733f50d51d7978be44bc4e0b2faae
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Thu, 04 Apr 2024 09:36:01 GMT
via
1.1 f07e3fd03d3423bceb1c6083ab62cf8a.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
etag
W/f5943f617cbc74c88b357ad52bd601bf
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
JMR2Kiq63hbI0tCUFPzdKpR645IyvwYQp3hZ0PUB_URb9NeO0zBfEA==
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Apr 2024 09:36:01 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58040
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=12, mss=1294, tbw=2773, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
3vHBWS9EMM28NBAuX47+glPZX2dk0Fd1sXjKIWIZ8ibRNcTgoP1wn3lc8QZDV/IqlhLPCGj5W1lppjSJ3OxrSg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
GenerateToken
create.leadid.com/2.12.1/ 		36 B
660 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/GenerateToken?msn=1&pid=3afde00d-7224-41da-bb74-3f8940906173&_=933489556
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/203c13fe-967d-017a-0cd4-26f1760711a9.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.219.134.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-134-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fe18c0f79a8463e8524cabee6d606e063938e47dd33414394fa592a5ab87f1ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
m
protaxpayouts.com/user/ 		4 B
654 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/user/m
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Fiber-ID
1712223361632x930813366574213800
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
cache-control
no-cache
Referer
https://protaxpayouts.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":20.6,"percents":{"top":{"bubble_cpu":23.3,"block":68.8,"capacity_rl":0,"other_pause":0,"pre_fiber":6.7},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":44,"fiber_queue":6,"capacity_wait":9.1}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":13,"blocks":12},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":720368}}
server
cloudflare
x-powered-by
Express
x-bubble-capacity-used
0.011 unit-seconds used
cf-ray
86f04fca4b212589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041539808x248149398514115650%2Fimg-2.72c77c0.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041539808x248149398514115650%2Fimg-2.72c77c0.png?w=48&h=86&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fe7481706a55f66b10650b74deb04ed78564944007fd7dcf50638a369ea97665
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
913188
x-cache
Hit from cloudfront
x-imgix-id
9648a8f0e98322fc05d1e8a95380da7be36fa584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1795
x-served-by
cache-sjc1000145-SJC, cache-iad-kcgs7200030-IAD
last-modified
Sun, 24 Mar 2024 19:56:13 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
euVlBqjVr6OvppWNDBP-V7s5XkXyegSPEpEU97a1UgDdDvzGaPCx8w==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041529232x307455324007315650%2Fimg-1.ac76cc2.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041529232x307455324007315650%2Fimg-1.ac76cc2.png?w=96&h=54&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
865a29016cdf521fefe0ea5a57850d520972657b60b35b887be09e9d0c9f1849
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
653706
x-cache
Hit from cloudfront
x-imgix-id
5e8654ff3cf76bad56786bd1e46a0fbc5e55cc61
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1628
x-served-by
cache-sjc1000115-SJC, cache-iad-kjyo7100096-IAD
last-modified
Wed, 27 Mar 2024 20:00:55 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
nxh0JgIh3TwH_yPlrFYEmrrVDYx7sdoJWueK7w6M4lNUIAN2yE9AFA==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041571757x698245854828185300%2Fimg-5.2116970.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041571757x698245854828185300%2Fimg-5.2116970.png?w=128&h=18&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
696eaad02011c009a8bb3e9c3796a2e6ecf85459bde131927893de69aea598ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
913188
x-cache
Hit from cloudfront
x-imgix-id
ea94ad43b0b57837f1ebd4900ec3a6fe07b9f136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1770
x-served-by
cache-sjc1000143-SJC, cache-iad-kiad7000158-IAD
last-modified
Sun, 24 Mar 2024 19:56:13 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BbQhR5Y0goB-p6Aj__quJuyPbfSXEUpaNezQn7Mw79SNb2JUBdax8Q==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041558233x152419338647863840%2Fimg-3.61d42d8.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041558233x152419338647863840%2Fimg-3.61d42d8.png?w=96&h=35&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
c3bdacf9461e18969932745ed91bfd8fef61aa92a71e534600ff94d8ace82bac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:12 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1968826
x-cache
Hit from cloudfront
x-imgix-id
6405e4c757e1be57b3faac8a5760dba2ca72f852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1903
x-served-by
cache-sjc1000107-SJC, cache-iad-kjyo7100100-IAD
last-modified
Tue, 12 Mar 2024 14:42:15 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
_rhTATRa4VbGmgrRvzQRnSaLtDKdXT2fZQJSs-y6IHKIQ12eOtblHg==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041564096x199627280331761800%2Fimg-4.5444431.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041564096x199627280331761800%2Fimg-4.5444431.png?w=128&h=25&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
fd1c1ca3379b65fedc859d8cd23b958c89692a9ad0cb57bae0098922c2734cc8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
913188
x-cache
Hit from cloudfront
x-imgix-id
afbadda47ebeb1a4beb715b77c8676118eb5add6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1916
x-served-by
cache-sjc10066-SJC, cache-iad-kiad7000119-IAD
last-modified
Sun, 24 Mar 2024 19:56:13 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
IzNTqesmxB6Mf689P2ghpqjE0yiz8DJBut14BlB18DWaUZ36seLNxw==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698888591x452444752346095300%2Fptp.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698888591x452444752346095300%2Fptp.png?w=384&h=123&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
b6f498c5de3b002326b917d7191e1b5d05a3e0c68bf2a7b9c79aa7ae2e7f22d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 14:03:56 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1540656
x-cache
Hit from cloudfront
x-imgix-id
b00beef5b07effabb0cc10a12a642e5982f83bf4
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7019
x-served-by
cache-sjc1000117-SJC, cache-iad-kcgs7200057-IAD
last-modified
Sun, 17 Mar 2024 13:38:25 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
BaRWQVPtriYgi_llv-E2vTTLFusZDPZOaDFfJ-CLcay4z1pbSu6p9w==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041580289x469485673360457800%2Fimg-6.20141e6.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041580289x469485673360457800%2Fimg-6.20141e6.png?w=128&h=36&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
12c2a3a547ea0bebbce2351010f3d33915f617153126aea558503cc09f3450c8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1974209
x-cache
Hit from cloudfront
x-imgix-id
17fb127410065e9ceb772321d79530d7354daec1
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1934
x-served-by
cache-sjc1000091-SJC, cache-iad-kjyo7100166-IAD
last-modified
Tue, 12 Mar 2024 13:12:31 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
jo_5XI9YOHpGIRBhXqCNfMjZ73h2uHw6nt-eSbDAmJlDT-Ly_z1nCQ==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041585372x881696922757155300%2Fimg-7.b6a1764.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041585372x881696922757155300%2Fimg-7.b6a1764.png?w=96&h=32&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8a4422c15d2795bf2e533e825ce400f037c5ac359fc164953a9a175c5bdba54c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 11:55:01 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1327822
x-cache
Hit from cloudfront
x-imgix-id
c4520129b6d4278299d39608ce7f3cff8fa422cb
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1550
x-served-by
cache-sjc10053-SJC, cache-iad-kcgs7200161-IAD
last-modified
Wed, 20 Mar 2024 00:45:40 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DSCd7LIi8aanoos-BgzAAx0mPjVfLnq9ziYurETaqREghyKscQK_lA==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041591472x397536251855640700%2Fimg-8.292131f.png
d1muf25xaso8hp.cloudfront.net/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041591472x397536251855640700%2Fimg-8.292131f.png?w=128&h=25&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
bee85665677a8310c3ae0b183621d88c62d021d6caaadc35dc49ff100275bafe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 29 Mar 2024 20:58:42 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1521418
x-cache
Hit from cloudfront
x-imgix-id
f02a968fddf897e55004b3286ad5704e9921f07a
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1163
x-served-by
cache-sjc10030-SJC, cache-iad-kiad7000121-IAD
last-modified
Sun, 17 Mar 2024 18:59:03 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
uh5rx72rhmGyipALjJOrYHxr_OE7ZDjTix2TPR6hMt2euJ0u191PgA==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041597551x144125875654037800%2Fimg-9.b3b1b5a.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041597551x144125875654037800%2Fimg-9.b3b1b5a.png?w=192&h=24&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
6cdae06921b72c3eda7fb09d4aa41077aa8ba42a691ceb2a2fc61eef103e78f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 16:32:53 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
839333
x-cache
Hit from cloudfront
x-imgix-id
bf2b234264a29ec4f90b4c0fa36ad520a899f66f
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2508
x-served-by
cache-sjc1000092-SJC, cache-iad-kcgs7200104-IAD
last-modified
Mon, 25 Mar 2024 16:27:08 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ztoAJD0iqh6JBiuQZK-eijkVnXWEz5Y4YJQ7_csuSSEqc8Y9KbX6kw==
msearch
protaxpayouts.com/elasticsearch/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/elasticsearch/msearch
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
27860f51cd0f088ee0d7276ea8e009f56d5231811d9f2cbff52f83f3c403c399

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Fiber-ID
1712223361745x645610086814105500
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
cache-control
no-cache
Referer
https://protaxpayouts.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":30.3,"percents":{"top":{"bubble_cpu":29.2,"block":67.4,"capacity_rl":0,"other_pause":0,"pre_fiber":2.1},"sub":{"pp_userdb":19.8,"pp_wait_userdb":0,"http_request":0,"serverjson":43,"appserver_cache_misses_time":0,"redis":48.8,"fiber_queue":2.9,"capacity_wait":0}},"counts":{"pp_userdb":1,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":13,"fiber_queue":15,"blocks":14},"misc":{"userdb_results":4,"userdb_data":2055,"spent_time":3324962}}
server
cloudflare
x-bubble-appname
protaxpayouts
x-powered-by
Express
x-bubble-request-took
30
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.051 unit-seconds used
cf-ray
86f04fcb0b922589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697777789x143445194643106560%2Fimage-removebg-preview%2520%25284%2529.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697777789x143445194643106560%2Fimage-removebg-preview%2520%25284%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
dc6d20ba246008c3d2cb192b9b42e70603806620f33aca3ea00046ddfc2088c5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Apr 2024 20:00:17 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1974004
x-cache
Hit from cloudfront
x-imgix-id
fa43705c198387cf849b3b7a451221ed9bc56288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6794
x-served-by
cache-sjc1000091-SJC, cache-iad-kiad7000127-IAD
last-modified
Tue, 12 Mar 2024 13:15:57 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
wmlx31000WdTls42nes3UzSh_vrWfUUPMXzkAQtzqRYQ57ru9kpjGA==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697790423x511501791887445360%2Fimage-removebg-preview%2520%25285%2529.png
d1muf25xaso8hp.cloudfront.net/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697790423x511501791887445360%2Fimage-removebg-preview%2520%25285%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
e74cc2aa8d4c66a7ed2ac0c6c68f56793c14d19ea3c3b6fcfb53a7e2bc0f75f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 20:47:32 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1383178
x-cache
Hit from cloudfront
x-imgix-id
ec9463f5737c823badbcdaeb7ecedc78a5ea6c27
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5007
x-served-by
cache-sjc1000140-SJC, cache-iad-kjyo7100081-IAD
last-modified
Tue, 19 Mar 2024 09:23:03 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
0EQ57VLv3R75tSpIi1Fox8mx9ODy0mXOMDF8Q9C15wCzaupuXP5b2g==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698338760x732500415730632100%2Fimage-removebg-preview%2520%25287%2529.png
d1muf25xaso8hp.cloudfront.net/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698338760x732500415730632100%2Fimage-removebg-preview%2520%25287%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
27532d9837b9943ee49dad09e51f6d2ae7e3746c8bc5979ed754b95e0cf85ed0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 16:32:53 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
498660
x-cache
Hit from cloudfront
x-imgix-id
400dbae4a51210f0d98bf09f2ccf09359274e76a
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5142
x-served-by
cache-sjc1000108-SJC, cache-iad-kjyo7100105-IAD
last-modified
Fri, 29 Mar 2024 15:05:01 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
LajzqHlS6Jd40HTnnGENRYQ-eawIrqdyVB7lhGi6jzZw1VyHhAHe8g==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698347245x639944879127290600%2Fimage-removebg-preview%2520%25288%2529.png
d1muf25xaso8hp.cloudfront.net/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698347245x639944879127290600%2Fimage-removebg-preview%2520%25288%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:1800:1c:37e5:3f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
d96e1e5fb733421bd3de02a418d5c6458706328d469871b840f602523c5d54a9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 33d20e5c1d4642e72bf534aef6869c58.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
EWR53-C1
age
1331814
x-cache
Hit from cloudfront
x-imgix-id
f7a15b003dcceff5e1a281c9c9665675f5f216f6
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8285
x-served-by
cache-sjc10066-SJC, cache-iad-kiad7000136-IAD
last-modified
Tue, 19 Mar 2024 23:39:07 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
x83XA_NUzJueuLdeX6fsgAs359XllGnfqLNDeEmOfzdECDjrezkUbw==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698361359x227017435155707940%2Fimage-removebg-preview%2520%25289%2529.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698361359x227017435155707940%2Fimage-removebg-preview%2520%25289%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
7f38486ecab114203dd690f99c093ee3593c4853aa7fd9565054863590e30250
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 10:53:41 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1974004
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
2ed8cb640748a05712b32912e0690f40b215b192
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7107
x-served-by
cache-sjc10025-SJC, cache-iad-kiad7000119-IAD
last-modified
Tue, 12 Mar 2024 13:15:57 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
7-NzJsJBL4W0WhXynt3SsoQ4Dz1LMMmFCxe05MFdjpxBJAtbq5tXAA==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041606748x279253220560156770%2Fimg-10.8fac322.png
d1muf25xaso8hp.cloudfront.net/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692041606748x279253220560156770%2Fimg-10.8fac322.png?w=256&h=25&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
87d0b8e09129b3a04c34f9147232f466293db457f94716004a781ffe113ac67c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 24 Mar 2024 19:56:13 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2258900
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
257603890ddf10e54363cdd853f99d9970726dcd
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2999
x-served-by
cache-sjc1000110-SJC, cache-iad-kcgs7200037-IAD
last-modified
Sat, 09 Mar 2024 06:07:40 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
e4Sdi5UwrkfrzuVvrUGiHnHpQ-HqkeU3f3clnIMEL_0jTRC1aBHNwA==
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame B1F3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=78425C33-5104-828E-086C-3DF2CDAAA38F&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.12.1&lck=203C13FE-967D-017A-0CD4-26F1760711A9&lac=54386448-36AC-86ED-3CA2-6D2E9804120D
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/203c13fe-967d-017a-0cd4-26f1760711a9.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.138.125.145 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-125-145.jfk50.r.cloudfront.net
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://protaxpayouts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
en-US,en;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Headers
*
Access-Control-Allow-Origin
*
Age
3302
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Thu, 04 Apr 2024 08:41:06 GMT
Etag
W/"65a0715c-dbb"
Last-Modified
Thu, 11 Jan 2024 22:53:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 2041b05ebafba84de0e785871a4269bc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
DOpNgDS9qiGMimUpl_7vpYcHp5wvH4ArMF_NWN8UxwMyESq3Ul9u3Q==
X-Amz-Cf-Pop
JFK50-P4
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/SaveDom?msn=2&pid=3afde00d-7224-41da-bb74-3f8940906173&token=78425C33-5104-828E-086C-3DF2CDAAA38F&_=933489557
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/203c13fe-967d-017a-0cd4-26f1760711a9.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.219.134.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-134-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/InitFormData?msn=3&pid=3afde00d-7224-41da-bb74-3f8940906173&token=78425C33-5104-828E-086C-3DF2CDAAA38F&_=933489558
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/203c13fe-967d-017a-0cd4-26f1760711a9.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.219.134.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-134-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Apr 2024 09:36:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697975335x310187733999592200%2Fanastasiia-chepinska-OBmBHmrc3pw-unsplash.jpg
d1muf25xaso8hp.cloudfront.net/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697975335x310187733999592200%2Fanastasiia-chepinska-OBmBHmrc3pw-unsplash.jpg?w=512&h=350&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
dd444caec4a7753bb954eb068b9ca3814b972f2585c9f1757b419a612ffc7ca5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1327821
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
f84d914c6b9c1d07a18ee2a5f79926632cad22bd
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14937
x-served-by
cache-sjc1000106-SJC, cache-iad-kiad7000034-IAD
last-modified
Wed, 20 Mar 2024 00:45:40 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
d3F8dSP7U7yoHp5hjGrNclb17MHyLyRZ62hx8MEfHabeyceNuKC8sA==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698018586x985349979008050000%2Falexander-mils-lCPhGxs7pww-unsplash.jpg
d1muf25xaso8hp.cloudfront.net/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698018586x985349979008050000%2Falexander-mils-lCPhGxs7pww-unsplash.jpg?w=512&h=350&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
aa9ceea7e8155d7755cfbb8e07613fd88127a69e3f5904b4a967131508fa1f0c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 22:13:45 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1327821
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
c9825c88112701aaa4e40d3e085ec9605c93e8a8
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
25594
x-served-by
cache-sjc1000130-SJC, cache-iad-kjyo7100147-IAD
last-modified
Wed, 20 Mar 2024 00:45:40 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
WSoIbu4QjyP5yeHroCdBfe3Xb52g6jpLeuLnpfmFg1ebU_HNHPefUQ==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698084736x895089719566697000%2FScreen%2520Shot%25202023-11-22%2520at%25206.07.46%2520PM.png
d1muf25xaso8hp.cloudfront.net/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698084736x895089719566697000%2FScreen%2520Shot%25202023-11-22%2520at%25206.07.46%2520PM.png?w=512&h=349&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
2bf03e6e77410f67e366e8399b6c7292e37a9016c11b58ac8fba04399727d019
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:54 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
301207
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
a8a06b67ccdba6d7731f1d7350e926880a305d1f
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
24932
x-served-by
cache-sjc10038-SJC, cache-iad-kjyo7100032-IAD
last-modified
Sun, 31 Mar 2024 21:55:53 GMT
server
Google Frontend
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
dax9XpNQNB7Wc8VJdYkwdGZH1wX7dTBx2ZaWTpsii3aQfQKc45PPgw==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698904624x337183130758969660%2Fptp.png
d1muf25xaso8hp.cloudfront.net/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700698904624x337183130758969660%2Fptp.png?w=384&h=123&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
b6f498c5de3b002326b917d7191e1b5d05a3e0c68bf2a7b9c79aa7ae2e7f22d8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 14:03:59 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1540656
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
224d19e94ef1050f1b3c5983162952480edfab57
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7019
x-served-by
cache-sjc1000109-SJC, cache-iad-kiad7000165-IAD
last-modified
Sun, 17 Mar 2024 13:38:25 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1n3-eL5_wVCXg8f2Bxipdoxr8HkP4yq_MSeXDKQxZF3VAMuVg-xCew==
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697798010x324032103942441660%2Fimage-removebg-preview%2520%25286%2529.png
d1muf25xaso8hp.cloudfront.net/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700697798010x324032103942441660%2Fimage-removebg-preview%2520%25286%2529.png?w=192&h=192&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
69b60dc7d60a21c721ae35cbdc2c21a535dbe6bb144cec4fe7f51c0747fde63c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 30 Mar 2024 22:13:45 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1126966
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
58de4527f08572816b9cb9506de3c3df7db6df20
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
9619
x-served-by
cache-sjc10058-SJC, cache-iad-kjyo7100098-IAD
last-modified
Fri, 22 Mar 2024 08:33:15 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
5-PMV5MVQHntp3jgXfJo3gB8pB-UzwFstdKUegKNuPCEEcuv2Zi4fA==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051595397x733142787957629800%2Fimg-11.f00a2a7.png
d1muf25xaso8hp.cloudfront.net/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051595397x733142787957629800%2Fimg-11.f00a2a7.png?w=256&h=62&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
0174cee09d6a15293b39e28858e70d6a39683517c9f90a1b1c101e843b4faf11
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1974211
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
131374a6104715bc13b2b5838e6bc80d4cbacd49
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2977
x-served-by
cache-sjc1000135-SJC, cache-iad-kcgs7200139-IAD
last-modified
Tue, 12 Mar 2024 13:12:31 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
1SLaMjkuDScggEciYfr7JTMeOFd7rGgRFup_l7Pp2BcOP5gjV58yCg==
https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051612445x531203005259321900%2Fimg-12.efc10db.png
d1muf25xaso8hp.cloudfront.net/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2Fd23f3ce3b7d5b9a6ef43b693ab77e994.cdn.bubble.io%2Ff1692051612445x531203005259321900%2Fimg-12.efc10db.png?w=256&h=52&auto=compress&dpr=1&fit=max
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
163e0d400c210755460d75f97b54a5a4644f40a7a8d79c09a2c4de033c11a045
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 31 Mar 2024 21:55:51 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
2258903
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
a9d24443084af4343f4c7adb88ab6b69f186c5d0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3084
x-served-by
cache-sjc10029-SJC, cache-iad-kjyo7100022-IAD
last-modified
Sat, 09 Mar 2024 06:07:40 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
DwsBTDKLVlUTANR2FG2_MGXsnQIgx6OxMHgh4QrJ0QVg_7vF9i10HA==
collect
www.google-analytics.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-3L798PWCB0&gtm=45je4410v9173777646z89173154238za200&_p=1712223360959&gcd=13l3l3l3l1&npa=0&dma=0&cid=560310028.1712223362&ul=en-us&sr=800x600&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B123.0.6312.105%7CNot%253AA-Brand%3B8.0.0.0%7CChromium%3B123.0.6312.105&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712223362&sct=1&seg=0&dl=https%3A%2F%2Fprotaxpayouts.com%2Fv4%2F%3Fefclick%3D1916d551a1654a14b9c37d48dbef95fd%26aid%3D52&dt=Pro%20Tax%20Payouts&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3L798PWCB0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80b::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 04 Apr 2024 09:36:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://protaxpayouts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.4bbac2bdc7f1b66d3009.js
script.hotjar.com/ 		221 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.4bbac2bdc7f1b66d3009.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3804385.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-87.jfk50.r.cloudfront.net
Software
/
Resource Hash
261e44bd5998183c1bde239149a4be112fd5afd76c1efb12da82f24cf20561d4
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Apr 2024 12:55:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 b5fe18267507cb61755963d8928a60f4.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
160856
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55706
last-modified
Tue, 02 Apr 2024 12:54:16 GMT
etag
"d8eecaf9ad4fc4bf64b1230f03df9166"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
XQlFGSvokvEvTdFhULYFG2Dls8sO1GAiNA981JovbNcXu0X1nCysag==
890613399323495
connect.facebook.net/signals/config/ 		63 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/890613399323495?v=2.9.151&r=stable&domain=protaxpayouts.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1288f027377141254f7ebc55961199aeb1b18df3c9fb8777429edaa5cc79e521
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 04 Apr 2024 09:36:02 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=64, rtx=0, c=64, mss=1294, tbw=63139, tp=-1, tpl=-1, uplat=108, ullat=0
pragma
public
x-fb-debug
nZi/oQo5vfLj+Gae2kyxR8xDqPi+3UXjepNs+aseREzVJ1goZEpeJKcoB2z99JwnFord+krpfk+KU1IG1HmhCA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
bulk_watch
protaxpayouts.com/elasticsearch/ 		77 B
791 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/elasticsearch/bulk_watch
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b33e219e4d244197183878c99f1751bf6cdd3d73d4e0cc3df3b3fe91ba308187

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Fiber-ID
1712223362335x535650998801183740
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
cache-control
no-cache
Referer
https://protaxpayouts.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":28.7,"percents":{"top":{"bubble_cpu":24.7,"block":72.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":18.6,"appserver_cache_misses_time":0,"redis":57.9,"fiber_queue":3,"capacity_wait":7.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":4,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":19,"fiber_queue":20,"blocks":19},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1064273}}
server
cloudflare
x-bubble-appname
protaxpayouts
x-powered-by
Express
x-bubble-request-took
29
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.016 unit-seconds used
cf-ray
86f04fcebdb92589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
/
www.facebook.com/tr/ 		0
270 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=890613399323495&ev=PageView&dl=https%3A%2F%2Fprotaxpayouts.com%2Fv4%2F%3Fefclick%3D1916d551a1654a14b9c37d48dbef95fd%26aid%3D52&rl=&if=false&ts=1712223362446&sw=800&sh=600&v=2.9.151&r=stable&ec=0&o=4126&fbp=fb.1.1712223362442.1726323983&cs_est=true&ler=empty&cdl=API_unavailable&it=1712223362214&coo=false&rqm=GET
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=63, rtx=0, c=10, mss=1294, tbw=2767, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 04 Apr 2024 09:36:02 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700861681707x119571768825953440%2FNew%2520Project%2520%25289%2529.png
d1muf25xaso8hp.cloudfront.net/ 		2 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d1muf25xaso8hp.cloudfront.net/https%3A%2F%2F292c416d2137092183ebec532322e83b.cdn.bubble.io%2Ff1700861681707x119571768825953440%2FNew%2520Project%2520%25289%2529.png?w=128&h=&auto=compress&dpr=1&fit=max
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
13.225.66.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-66-230.ewr53.r.cloudfront.net
Software
Google Frontend /
Resource Hash
d60eaa57f1a257e354381326d3f193e898d12339557cac7fdcc01e84425a9452
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 23 Mar 2024 16:12:27 GMT
via
1.1 4c18e6ed879a674305cb5156731cf396.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
1446553
x-amz-cf-pop
EWR53-C1
x-cache
Hit from cloudfront
x-imgix-id
f243a9d932dc473320e9774c055c1c20dfe65997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2362
x-served-by
cache-sjc10077-SJC, cache-iad-kcgs7200139-IAD
last-modified
Mon, 18 Mar 2024 15:46:49 GMT
server
Google Frontend
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
vrvwpmpCMzvixYUY9rQK_FIyW4g46YrNGTLSJYRe6GGJvgQosZALvQ==
apm
protaxpayouts.com/user/ 		4 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/user/apm
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Fiber-ID
1712223362846x245964784218664060
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
cache-control
no-cache
Referer
https://protaxpayouts.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:02 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":15.2,"percents":{"top":{"bubble_cpu":27.4,"block":67.1,"capacity_rl":0,"other_pause":0,"pre_fiber":5},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":54,"fiber_queue":3.8,"capacity_wait":11.4}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":11,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":624803}}
server
cloudflare
x-bubble-appname
protaxpayouts
x-powered-by
Express
x-bubble-request-took
15
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.01 unit-seconds used
cf-ray
86f04fd1ef602589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
frg
protaxpayouts.com/ 		4 B
722 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/frg
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Fiber-ID
1712223364635x769493012967000000
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
cache-control
no-cache
Referer
https://protaxpayouts.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:04 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":13.5,"percents":{"top":{"bubble_cpu":29.2,"block":65.9,"capacity_rl":0,"other_pause":0,"pre_fiber":5.3},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":0,"appserver_cache_misses_time":0,"redis":63.7,"fiber_queue":4.7,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"serverjson":0,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":8,"fiber_queue":9,"blocks":8},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":593291}}
server
cloudflare
x-bubble-appname
protaxpayouts
x-powered-by
Express
x-bubble-request-took
13
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.009 unit-seconds used
cf-ray
86f04fdd1e1c2589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
frg
protaxpayouts.com/ 		4 B
767 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protaxpayouts.com/frg
Requested by
Host: protaxpayouts.com
URL: https://protaxpayouts.com/package/pre_run_jquery_js/dee903a9e36db713e4c86d0cdd96d921e37be0c1293ed8dee29e2e4d7713b9ff/pre_run_jquery.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.240.93 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
X-Bubble-Fiber-ID
1712223364792x531086026690558400
X-Bubble-PL
1712223360188x379
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/javascript, */*; q=0.01
X-Bubble-R
https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
cache-control
no-cache
Referer
https://protaxpayouts.com/
X-Requested-With
XMLHttpRequest
X-Bubble-Breaking-Revision
5
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 04 Apr 2024 09:36:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-bubble-perf
{"total":537.4,"percents":{"top":{"bubble_cpu":2,"block":95.9,"capacity_rl":0,"other_pause":0,"pre_fiber":2.2},"sub":{"pp_userdb":0,"pp_wait_userdb":0,"http_request":0,"serverjson":1.7,"appserver_cache_misses_time":0,"redis":2,"fiber_queue":0.2,"capacity_wait":0}},"counts":{"pp_userdb":0,"http_request":0,"derived_build":0,"derived_cache_attempts":1,"derived_cache_memory_misses":1,"serverjson":2,"appserver_cache_attempts":0,"appserver_mem_cache_hits":0,"appserver_cache_hits":0,"appserver_cache_misses":0,"redis":10,"fiber_queue":12,"blocks":11},"misc":{"userdb_results":0,"userdb_data":0,"spent_time":1578679}}
server
cloudflare
x-bubble-appname
protaxpayouts
x-powered-by
Express
x-bubble-request-took
537
vary
Accept-Encoding
content-type
application/json
cache-control
no-cache
x-bubble-capacity-used
0.024 unit-seconds used
cf-ray
86f04fde1f3b2589-MIA
alt-svc
h3=":443"; ma=86400
x-bubble-capacity-limit
0 ms slower
Snap
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=4&pid=3afde00d-7224-41da-bb74-3f8940906173&token=78425C33-5104-828E-086C-3DF2CDAAA38F&_=933489559
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/203c13fe-967d-017a-0cd4-26f1760711a9.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.219.134.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-134-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Apr 2024 09:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.12.1/ 		0
623 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://create.leadid.com/2.12.1/Snap?msn=5&pid=3afde00d-7224-41da-bb74-3f8940906173&token=78425C33-5104-828E-086C-3DF2CDAAA38F&_=933489560
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/203c13fe-967d-017a-0cd4-26f1760711a9.js?snippet_version=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.219.134.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-219-134-219.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-platform
"Win32"
Referer
https://protaxpayouts.com/
accept-language
en-US,en;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Thu, 04 Apr 2024 09:36:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 string| bubble_session_uid object| headers_source_maps function| load_error_function object| load_error_log function| disableLoadErrorFunction object| _bubble_page_load_data object| webfont object| WebFont function| FontFaceObserver string| gm_key boolean| glrl_key_status string| bubble_page_load_id string| bubble_plp_token boolean| bubble_is_leanjs string| _p string| bubble_page_name function| $ function| jQuery function| Lib_post_load string| bubble_bundle_name function| clearImmediate function| setImmediate object| BrowserDetect function| highlight_dom_changes function| local_storage_fallback object| u function| appquery function| google_web_fonts_active_cb function| fontface_webfonts_loaded_cb object| element_performance_counts function| kill_notifier_socket function| restore_notifier_socket number| server_time_offset object| client_db object| safe_require object| testing function| authenticate_as object| document_ready_key function| gapListener function| display_page function| switch_page object| preloaded object| __code__ function| Inputmask object| _bubble_watcher_cache number| bubble_version function| initialize_stripe_form object| optional_modules object| plugins object| bubble_run_derived function| Picker object| translation_data object| language_data string| application_language object| app function| Lib function| everything_ready function| wait_for_everything object| dataLayer function| is_ipv4 function| is_ipv6 object| simpleIPRegex function| peer function| publicIPs function| getIPTypes function| getIPv4 function| getIPv6 function| getIPs boolean| __bubble_module_mode object| captured_test_errors number| render_end_timestamp function| bubble_fn_token boolean| google_web_fonts_active object| fontface_loaded boolean| all_fontface_loaded object| EF object| google_tag_manager object| google_tag_data function| hj object| _hjSettings function| fbq function| _fbq object| LeadiDconfig object| LeadiD string| label string| id boolean| sensitiveData function| onYouTubeIframeAPIReady object| gaGlobal object| hjSiteSettings function| hjBootstrap object| hjLazyModules object| hjBootstrapCalled object| defaultStyleFrame

15 Cookies

Domain/Path Name / Value
www.m19dtrk.com/ Name: uniqueClick_4LQKR6T
Value: 6b7943af-855a-4f12-acf1-7e06692a2a3a:1712223359
www.m19dtrk.com/ Name: transaction_id
Value: 1916d551a1654a14b9c37d48dbef95fd
.protaxpayouts.com/ Name: protaxpayouts_live_u2main
Value: us_protaxpayouts_live_1712223360145x421135357103978200_1712223360161x814988055358011800
.protaxpayouts.com/ Name: protaxpayouts_live_u2main.sig
Value: aZQ-F1uVeMVT4taXA0knKQ7Up-I
.protaxpayouts.com/ Name: protaxpayouts_u1main
Value: 1712223360145x421135357103978200
protaxpayouts.com/ Name: leadid_token-54386448-36AC-86ED-3CA2-6D2E9804120D-203C13FE-967D-017A-0CD4-26F1760711A9
Value: 78425C33-5104-828E-086C-3DF2CDAAA38F
.protaxpayouts.com/ Name: _ga_3L798PWCB0
Value: GS1.1.1712223362.1.0.1712223362.0.0.0
.protaxpayouts.com/ Name: _ga
Value: GA1.1.560310028.1712223362
.trueleadid.com/ Name: nlbi_3051494
Value: g2XdW/mcoEdobFUQC30iGwAAAABapYhugbWxqPKgT5nTM/tY
.trueleadid.com/ Name: visid_incap_3051494
Value: IDw5vVJ6Rt2E365MqpGWYYF0DmYAAAAAQUIPAAAAAABk7gn2kvfr8i8G+8Fvwnfn
.trueleadid.com/ Name: incap_ses_1702_3051494
Value: oXpraGm2+VRLLx7sb7ieF4F0DmYAAAAAMg4shjydxq9/Eot1MBQ/lw==
.deviceid.trueleadid.com/ Name: uuid
Value: e707c9406da649a9ab5b82fb091d315f
.protaxpayouts.com/ Name: _fbp
Value: fb.1.1712223362442.1726323983
.protaxpayouts.com/ Name: _hjSessionUser_3804385
Value: eyJpZCI6ImE4NDA2NzVmLWUwMmYtNTViZi04OTU3LTBmMGI2Yjg2M2QxMCIsImNyZWF0ZWQiOjE3MTIyMjMzNjI1ODksImV4aXN0aW5nIjpmYWxzZX0=
.protaxpayouts.com/ Name: _hjSession_3804385
Value: eyJpZCI6Ijc0MWY2ZmY5LTlhNjItNDEyNS1hZTU1LTdmZWE2Njc1OTkxNCIsImMiOjE3MTIyMjMzNjI1OTEsInMiOjAsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

15 Console Messages

Source Level URL
Text
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/890613399323495?v=2.9.151&r=stable&domain=protaxpayouts.com&hme=8ce74e881727851b4427183947937854816d72704925561b9de6420cd43214ee&ex_m=66%2C111%2C98%2C102%2C57%2C3%2C92%2C65%2C15%2C90%2C83%2C48%2C50%2C157%2C160%2C171%2C167%2C168%2C170%2C28%2C93%2C49%2C72%2C169%2C152%2C155%2C164%2C165%2C172%2C120%2C14%2C47%2C176%2C175%2C122%2C17%2C32%2C36%2C1%2C40%2C61%2C62%2C63%2C67%2C87%2C16%2C13%2C89%2C86%2C85%2C99%2C101%2C35%2C100%2C29%2C25%2C153%2C156%2C129%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C53%2C58%2C60%2C70%2C94%2C26%2C71%2C8%2C7%2C75%2C45%2C20%2C96%2C95%2C9%2C19%2C18%2C77%2C82%2C44%2C43%2C81%2C37%2C39%2C80%2C52%2C78%2C31%2C41%2C34%2C69%2C0%2C88%2C4%2C84%2C76%2C79%2C2%2C33%2C59%2C38%2C97%2C42%2C74%2C64%2C103%2C56%2C55%2C30%2C91%2C54%2C51%2C46%2C73%2C68%2C23%2C104(Line 107)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://protaxpayouts.com/v4/?efclick=1916d551a1654a14b9c37d48dbef95fd&aid=52
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bml2.co
cdn.jsdelivr.net
connect.facebook.net
create.leadid.com
create.lidstatic.com
cskxxvg2.r.us-west-2.awstrack.me
d1muf25xaso8hp.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
ipv4.geojs.io
protaxpayouts.com
script.hotjar.com
setc.bluefunding.com
static.hotjar.com
www.bls29trk.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.m19dtrk.com
104.19.240.93
108.138.106.101
108.138.125.145
13.225.66.230
138.197.49.164
18.164.96.87
18.205.129.253
2600:9000:21da:1800:1c:37e5:3f40:21
2606:4700:10::ac43:29e5
2606:4700:3035::ac43:bd85
2607:f8b0:4006:80b::200e
2607:f8b0:4006:80e::2003
2607:f8b0:4006:80f::2008
2607:f8b0:4006:820::200a
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:600::485
34.102.180.111
34.117.6.58
35.81.112.107
44.219.134.219
0174cee09d6a15293b39e28858e70d6a39683517c9f90a1b1c101e843b4faf11
047e3259b6f0b42d781532fa122b2d8de9aed187d766fd45efcf119450eeb4c4
1288f027377141254f7ebc55961199aeb1b18df3c9fb8777429edaa5cc79e521
12c2a3a547ea0bebbce2351010f3d33915f617153126aea558503cc09f3450c8
163e0d400c210755460d75f97b54a5a4644f40a7a8d79c09a2c4de033c11a045
16ec133e2db0969ab924a6f5d9d4cd4db54c39264c3ac8b4d9dae1d61b9c7927
261e44bd5998183c1bde239149a4be112fd5afd76c1efb12da82f24cf20561d4
27532d9837b9943ee49dad09e51f6d2ae7e3746c8bc5979ed754b95e0cf85ed0
27860f51cd0f088ee0d7276ea8e009f56d5231811d9f2cbff52f83f3c403c399
2bf03e6e77410f67e366e8399b6c7292e37a9016c11b58ac8fba04399727d019
3a6733e85a8e7daed51893fb8c1ec84fcb06627dc8b78dc614ad85ca967a6501
450e62180e870526d437f065fa76a5d4e31517905e37a98184ef79b0fc2abd5b
536e0080feee86359e5a5e8e39b079d19bfd406c60635a43f2835e88da3a7c4f
6070b161eaea7b2dff35dd05dfd9d41d3955d8aa96283bd3e5c402640e6f07f2
60bf0aba6526436f3930c58c12047687fbb6bff4dd180cce4613458ed3439ea2
6170cbb07f456e9891d6a9cbb92961027d6733f50d51d7978be44bc4e0b2faae
61e3d08402e2d2ecb03cccc2324075441c67c7c5742102eccd1849f8e51996de
646b5f26a099a12f06e31038fa7d6de8677556f7994aea190c36303a9a3e287a
696eaad02011c009a8bb3e9c3796a2e6ecf85459bde131927893de69aea598ad
69b60dc7d60a21c721ae35cbdc2c21a535dbe6bb144cec4fe7f51c0747fde63c
6cdae06921b72c3eda7fb09d4aa41077aa8ba42a691ceb2a2fc61eef103e78f4
6ced6c3ed2531ea2fe7ad37c549fe58bddcd2c3fbe522cb477078beb8a8b74eb
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
75853ee46a0e4c897e8aba85c4bc92649b8d238d1ec54bb635e755087665cc4d
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f38486ecab114203dd690f99c093ee3593c4853aa7fd9565054863590e30250
83be7b2f504af2c948c5106fa907dc4224380a7b75a993a7bff52cd71ec8c7d3
857f395a6792ca75b75c3d369513c440a225109fd3e55fe7719d52150dc509e6
865a29016cdf521fefe0ea5a57850d520972657b60b35b887be09e9d0c9f1849
87d0b8e09129b3a04c34f9147232f466293db457f94716004a781ffe113ac67c
8a4422c15d2795bf2e533e825ce400f037c5ac359fc164953a9a175c5bdba54c
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
aa9ceea7e8155d7755cfbb8e07613fd88127a69e3f5904b4a967131508fa1f0c
af748dff16c7b49cce6f515dea95648e888cd5fb2d5aed38f83b86ec41e32789
afeb84dd7c988348a37cbd986bf1c6ee86353e3e210e4ccdf566fa2342c77ac8
b33e219e4d244197183878c99f1751bf6cdd3d73d4e0cc3df3b3fe91ba308187
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6f498c5de3b002326b917d7191e1b5d05a3e0c68bf2a7b9c79aa7ae2e7f22d8
bae516e25e06b5e57d86574291ad7b4ce5250ff554bd3f123ec247ab551f8bf7
bee85665677a8310c3ae0b183621d88c62d021d6caaadc35dc49ff100275bafe
c3bdacf9461e18969932745ed91bfd8fef61aa92a71e534600ff94d8ace82bac
c8d906d488151fca48c286ed08783fbd72524a48ba0248c6c9974d234126c7bf
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce135cac82aeedf211bd7357c763b24c4e5302b7bd7decc21fff4a7be4be8f1b
d3f78e051d78d87c99e6b286503b34402e82e741415039790bb9e9eaabce7493
d60eaa57f1a257e354381326d3f193e898d12339557cac7fdcc01e84425a9452
d96e1e5fb733421bd3de02a418d5c6458706328d469871b840f602523c5d54a9
dc6d20ba246008c3d2cb192b9b42e70603806620f33aca3ea00046ddfc2088c5
dd444caec4a7753bb954eb068b9ca3814b972f2585c9f1757b419a612ffc7ca5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e74cc2aa8d4c66a7ed2ac0c6c68f56793c14d19ea3c3b6fcfb53a7e2bc0f75f0
ed59150544a982355fcb4cc4eacb98ecbbfbfb87a0645e29f45c45514fa2d9a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fd1c1ca3379b65fedc859d8cd23b958c89692a9ad0cb57bae0098922c2734cc8
fe18c0f79a8463e8524cabee6d606e063938e47dd33414394fa592a5ab87f1ba
fe7481706a55f66b10650b74deb04ed78564944007fd7dcf50638a369ea97665