urlscan.io logo urlscan.io
SecurityTrails logo

discountefile.efile1.com Open in urlscan Pro
2620:1ec:46::44  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cl.exct.net/?qs=6c2f3e33bd3bf0fdb6771c24f618283cacbbcd6d1eb5d7af9bc2f6d8ebd7710e1efc94b3c6c8928fb763233029a6...
Effective URL: https://discountefile.efile1.com/
Submission: On March 30 via manual from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 54 HTTP transactions. The main IP is 2620:1ec:46::44, located in United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is discountefile.efile1.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on October 19th 2021. Valid for: a year.
This is the only time discountefile.efile1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2620:1ec:46::44 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.16.114.53 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.201.112.186 15169 (GOOGLE)
10 93.184.220.42 15133 (EDGECAST)
1 35.186.194.58 15169 (GOOGLE)
3 34.96.127.16 15169 (GOOGLE)
14 40.79.154.192 8075 (MICROSOFT...)
7 23.75.227.23 16625 (AKAMAI-AS)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
54 15
1    2a02:26f0:3500:595::416d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cl.exct.net
6    2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
discountefile.efile1.com
2    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.16.114.53 (None, )

ASN13335 (CLOUDFLARENET, US)
js.recurly.com
1    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2156:d600:1f:aa31:7740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.pendo.io
1    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com
edge.fullstory.com
10    93.184.220.42 (London, United Kingdom)

ASN15133 (EDGECAST, US)
static.olark.com
1    35.186.194.58 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 58.194.186.35.bc.googleusercontent.com
rs.fullstory.com
3    34.96.127.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.127.96.34.bc.googleusercontent.com
nrpc.olark.com
api.olark.com
log.olark.com
14    40.79.154.192 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adminapi.formstax.com
excaliburapi.formstax.com
7    23.75.227.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-227-23.deploy.static.akamaitechnologies.com
cdn.formstax.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:82f::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
app.pendo.io
Apex Domain
Subdomains		 Transfer
21 formstax.com
adminapi.formstax.com
excaliburapi.formstax.com
cdn.formstax.com
1 MB
13 olark.com
static.olark.com — Cisco Umbrella Rank: 12494
nrpc.olark.com — Cisco Umbrella Rank: 22847
api.olark.com — Cisco Umbrella Rank: 14132
log.olark.com — Cisco Umbrella Rank: 13575
439 KB
6 efile1.com
discountefile.efile1.com
3 MB
3 gstatic.com
fonts.gstatic.com
51 KB
3 pendo.io
cdn.pendo.io — Cisco Umbrella Rank: 1199
app.pendo.io — Cisco Umbrella Rank: 1708
142 KB
2 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2609
rs.fullstory.com — Cisco Umbrella Rank: 2319
70 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
2 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
20 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 70
61 KB
1 recurly.com
js.recurly.com — Cisco Umbrella Rank: 16937
81 KB
1 exct.net
cl.exct.net — Cisco Umbrella Rank: 37467
304 B
54 11
Domain Requested by
12 excaliburapi.formstax.com discountefile.efile1.com
10 static.olark.com discountefile.efile1.com
srcdoc
static.olark.com
7 cdn.formstax.com
6 discountefile.efile1.com discountefile.efile1.com
3 fonts.gstatic.com fonts.googleapis.com
2 app.pendo.io discountefile.efile1.com
2 adminapi.formstax.com discountefile.efile1.com
2 fonts.googleapis.com discountefile.efile1.com
1 log.olark.com
1 api.olark.com static.olark.com
1 nrpc.olark.com static.olark.com
1 rs.fullstory.com edge.fullstory.com
1 edge.fullstory.com discountefile.efile1.com
1 www.google-analytics.com www.googletagmanager.com
1 cdn.pendo.io discountefile.efile1.com
1 www.googletagmanager.com discountefile.efile1.com
1 js.recurly.com discountefile.efile1.com
1 cl.exct.net 1 redirects
54 18

This site contains no links.

Subject Issuer Validity Valid
*.efile1.com
GeoTrust TLS RSA CA G1		 2021-10-19 -
2022-11-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.recurly.com
DigiCert SHA2 High Assurance Server CA		 2020-04-21 -
2022-06-03		 2 years crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
cdn.pendo.io
Amazon		 2021-08-29 -
2022-09-27		 a year crt.sh
edge.fullstory.com
GTS CA 1D4		 2022-02-14 -
2022-05-15		 3 months crt.sh
s2.wac.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-09 -
2022-11-30		 a year crt.sh
*.fullstory.com
R3		 2022-02-14 -
2022-05-15		 3 months crt.sh
*.olark.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-09-20 -
2022-10-21		 a year crt.sh
*.formstax.com
GeoTrust RSA CA 2018		 2020-06-17 -
2022-07-22		 2 years crt.sh
www.taylortechservices.com
GeoTrust RSA CA 2018		 2021-06-27 -
2022-07-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
app.pendo.io
GTS CA 1D4		 2022-02-01 -
2022-05-02		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://discountefile.efile1.com/
Frame ID: 441F4CACFCAEFD43DB8A7CBD34C8818D
Requests: 37 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/loader0.js
Frame ID: 2CDD3C5AC8DA7B30DCCA686D412271E7
Requests: 1 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: A3A68F2831ED348E24F9504657FFE967
Requests: 7 HTTP requests in this frame

Frame: https://static.olark.com/jsclient-bucket3/storage.html?v=1647537480776
Frame ID: 041D7CC6EA86446EFD439815556FC8CD
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Discount e-FileRequired AsteriskRequired AsteriskOlark launch button clip path

Page URL History Show full URLs

  1. https://cl.exct.net/?qs=6c2f3e33bd3bf0fdb6771c24f618283cacbbcd6d1eb5d7af9bc2f6d8ebd7710e1efc94b3... HTTP 302
    https://discountefile.efile1.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • js\.recurly\.com
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Page Statistics

54
Requests

98 %
HTTPS

53 %
IPv6

11
Domains

18
Subdomains

15
IPs

4
Countries

4870 kB
Transfer

15249 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cl.exct.net/?qs=6c2f3e33bd3bf0fdb6771c24f618283cacbbcd6d1eb5d7af9bc2f6d8ebd7710e1efc94b3c6c8928fb763233029a6654ecfce17818b2ddabb8f7200dd0b45893a HTTP 302
    https://discountefile.efile1.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
discountefile.efile1.com/
Redirect Chain
  • https://cl.exct.net/?qs=6c2f3e33bd3bf0fdb6771c24f618283cacbbcd6d1eb5d7af9bc2f6d8ebd7710e1efc94b3c6c8928fb763233029a6654ecfce17818b2ddabb8f7200dd0b45893a
  • https://discountefile.efile1.com/
2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
81697f7625fa52653b0558194c7dec439f182247470a0d4171a3374f7f85bc77
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-security-policy
default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
content-type
text/html
date
Wed, 30 Mar 2022 15:28:00 GMT
etag
"1d83df4030e1366"
expires
0
last-modified
Tue, 22 Mar 2022 13:52:04 GMT
permissions-policy
fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-azure-ref
0AHdEYgAAAACyc8KKxQafSZHk+/VFfIIvTFRTRURHRTEyMTQANTJkMzAwZmYtZWM1NC00MDliLWE5YjAtODNjOTVhMTg4MjQ5
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
DENY
x-xss-protection
1; mode=block

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
149
Content-Type
text/html; charset=utf-8
Date
Wed, 30 Mar 2022 15:27:59 GMT
Expires
Wed, 30 Mar 2022 15:27:59 GMT
Location
https://discountefile.efile1.com
Pragma
no-cache
icon
fonts.googleapis.com/ 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material%20Icons%7CMaterial%20Icons%20Outlined%7CMaterial%20Icons%20Round
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a8ce2c5194e12befe6181273a440932158c39143d9732c9be1eee67325b3aea9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 15:28:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 15:28:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 15:28:00 GMT
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18e71eadd9c6f57625860c63699d554780def6ce05a646b482a2a1aa83cea5a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 15:28:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 30 Mar 2022 15:28:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 30 Mar 2022 15:28:00 GMT
recurly.js
js.recurly.com/v4/ 		314 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.recurly.com/v4/recurly.js
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
100f8c6cd76e4ac97f38db5e1d96ca6997b62be036185c19e23c449e5856bfa3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:00 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
age
3581
last-modified
Fri, 25 Feb 2022 02:25:47 GMT
server
cloudflare
etag
W/"62183e2b-4e695"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 google
cache-control
public, max-age=14400
access-control-allow-credentials
false
cf-ray
6f41df6348ec4072-LHR
expires
Wed, 30 Mar 2022 19:28:00 GMT
styles.cfb4b7aa12a4d191d788.css
discountefile.efile1.com/ 		293 KB
78 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://discountefile.efile1.com/styles.cfb4b7aa12a4d191d788.css
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c47fabbb2020685b3fb5182c50ac1f5b253f5cae95ebd62122715e4ab9d66ece
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"1d83df4030a8e44"
x-cache
CONFIG_NOCACHE
x-azure-ref
0AHdEYgAAAAARjSWTQIyQS6xAvwf7F9hoTFRTRURHRTEyMTQANTJkMzAwZmYtZWM1NC00MDliLWE5YjAtODNjOTVhMTg4MjQ5
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 22 Mar 2022 13:52:04 GMT
x-frame-options
DENY
date
Wed, 30 Mar 2022 15:28:00 GMT
vary
Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate
permissions-policy
fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
content-security-policy
default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
accept-ranges
bytes
x-content-type-options
nosniff
expires
0
runtime.7d9d4678f9511567f211.js
discountefile.efile1.com/ 		1 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://discountefile.efile1.com/runtime.7d9d4678f9511567f211.js
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"1d83df4030e1fcd"
x-cache
CONFIG_NOCACHE
x-azure-ref
0AHdEYgAAAAA6WPGuOPweR4Ibx6siqvwvTFRTRURHRTEyMTQANTJkMzAwZmYtZWM1NC00MDliLWE5YjAtODNjOTVhMTg4MjQ5
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 22 Mar 2022 13:52:04 GMT
x-frame-options
DENY
date
Wed, 30 Mar 2022 15:28:00 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
permissions-policy
fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
content-security-policy
default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
accept-ranges
bytes
x-content-type-options
nosniff
expires
0
polyfills.b1ce7a0814935c76afc7.js
discountefile.efile1.com/ 		348 KB
147 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
989bb90fd51b49f2db648560a36ac7b01327e796872df241432fdb4993b54b80
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"1d83df4030b6b40"
x-cache
CONFIG_NOCACHE
x-azure-ref
0AHdEYgAAAADQorWYp+9RTaq9K4gtchnyTFRTRURHRTEyMTQANTJkMzAwZmYtZWM1NC00MDliLWE5YjAtODNjOTVhMTg4MjQ5
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 22 Mar 2022 13:52:04 GMT
x-frame-options
DENY
date
Wed, 30 Mar 2022 15:28:00 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
permissions-policy
fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
content-security-policy
default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
accept-ranges
bytes
x-content-type-options
nosniff
expires
0
main.c9bffdc57cc4993899e0.js
discountefile.efile1.com/ 		10 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://discountefile.efile1.com/main.c9bffdc57cc4993899e0.js
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
d8aab579b0928b3175cc95a6cfa6fdf7f563ef97b3c7e4d1bd603ca3c7c6c7d8
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"1d83df40391ff37"
x-cache
CONFIG_NOCACHE
x-azure-ref
0AHdEYgAAAAB/lPTyuXsBTL3LSbgyLJZgTFRTRURHRTEyMTQANTJkMzAwZmYtZWM1NC00MDliLWE5YjAtODNjOTVhMTg4MjQ5
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
last-modified
Tue, 22 Mar 2022 13:52:04 GMT
x-frame-options
DENY
date
Wed, 30 Mar 2022 15:28:00 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate
permissions-policy
fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
content-security-policy
default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
accept-ranges
bytes
x-content-type-options
nosniff
expires
0
gtm.js
www.googletagmanager.com/ 		175 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-52385F
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
89602c5b9eb48450360e8710fa8fdccce14683fc9158156b00a49e16e3884bea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:00 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61477
x-xss-protection
0
last-modified
Wed, 30 Mar 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 30 Mar 2022 15:28:00 GMT
pendo.js
cdn.pendo.io/agent/static/3e8a2ad7-4492-4712-4a37-0c39beeb1d44/ 		454 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pendo.io/agent/static/3e8a2ad7-4492-4712-4a37-0c39beeb1d44/pendo.js
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:d600:1f:aa31:7740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c63f15faf154ba51aa194bdf814fa306301b2689d636d9e024d65905f9ab8f88

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 30 Mar 2022 15:28:00 GMT
Content-Encoding
gzip
X-Amz-Cf-Pop
FRA50-C1
X-GUploader-UploadID
ADPycduiXs18OVHQSnwyoY1Z6_iXOyZ7xZXNL19Cdg2Dwxag3wXmY6LdrGkxyOqlx93Vooz2IFCb9y7dJwuHLSDkzTU
X-Cache
RefreshHit from cloudfront
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
Connection
keep-alive
Content-Length
143207
Access-Control-Allow-Origin
*
Last-Modified
Thu, 24 Mar 2022 19:12:12 GMT
Server
UploadServer
ETag
"67128d6755a9b05cbd6db8fb25d609b1"
Vary
Accept-Encoding
x-goog-hash
crc32c=V9y2EA==, md5=ZxKNZ1WpsFy9bbj7JdYJsQ==
x-goog-generation
1648149131912488
Via
1.1 5317564e96c9dceb46123f6c5f149a02.cloudfront.net (CloudFront)
Access-Control-Expose-Headers
*
Cache-Control
max-age=450
x-goog-stored-content-length
143207
Accept-Ranges
bytes
Content-Type
application/javascript
X-Amz-Cf-Id
U5UBH7eWIkAMFYeDc_wu-XTl3bArlHnkLmimzzLnzzTxMmSXQtdF-A==
Expires
Wed, 30 Mar 2022 15:35:30 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52385F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4994
date
Wed, 30 Mar 2022 14:04:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 30 Mar 2022 16:04:46 GMT
fs.js
edge.fullstory.com/s/ 		230 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
f85c30f1a0c5b895ba2dc75ce3474d287b0038cdf928d930a2370cac1b3461f4

Request headers

Referer
https://discountefile.efile1.com/
Origin
https://discountefile.efile1.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 14:29:06 GMT
content-encoding
gzip
age
3534
x-guploader-uploadid
ADPycdu2HviogtS_LeQRkWnYg14QOCT0TJpkz7ENDpDaIgpVinzkcLMu7-hWx-uBHY_1PEEWI3qQdaI-symbQCRJReI
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70606
last-modified
Fri, 25 Mar 2022 17:37:10 GMT
server
UploadServer
etag
"6f466719eeaab287832bfb547629bc31"
x-goog-hash
crc32c=4bPeXg==, md5=b0ZnGe6qsoeDK/tUdim8MQ==
x-goog-generation
1648229829991712
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
70606
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 30 Mar 2022 15:29:06 GMT
loader0.js
static.olark.com/jsclient/ Frame 2CDD 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient/loader0.js
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/630B) /
Resource Hash
e4d08f877611f0c9211f3099d2bf66a57b97f4c8a03e4bc8f9dcc9299b4d09e7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 17:20:55 GMT
server
ECS (lhb/630B)
age
1743
etag
"62336df7-224a"
vary
Accept-Encoding
x-cache
HIT
p3p
CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
via
1.1 google
cache-control
max-age=2700
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
3152
expires
Wed, 30 Mar 2022 16:13:01 GMT
page
rs.fullstory.com/rec/ 		47 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rs.fullstory.com/rec/page
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.194.58 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
58.194.186.35.bc.googleusercontent.com
Software
/
Resource Hash
d9641d66fab819871b989c5dc091bec8f187217c81d25334ca7c128f2b2d1d36
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://discountefile.efile1.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
via
1.1 google
x-content-type-options
nosniff
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://discountefile.efile1.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47
app.js
static.olark.com/jsclient/ Frame A3A6 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient/app.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6299) /
Resource Hash
2346617a3ef2e01bb1a05ca6f4c4bd330b7abee6fb9e7e0ffb1bbd1ed81a20bd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 17:21:11 GMT
server
ECS (lhb/6299)
age
3955
etag
W/"62336e07-db52"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
18639
via
1.1 google
expires
Wed, 30 Mar 2022 18:28:01 GMT
3176-841-10-8932.js
static.olark.com/a/assets/v0/site/ Frame A3A6 		16 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/a/assets/v0/site/3176-841-10-8932.js?cb=1648654081097
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/636D) /
Resource Hash
a6192f0e27d41ad81b39b4da7fbe2d7bd2f5a380f72026bae4adafed594aeb96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
via
1.1 google
last-modified
Wed, 30 Mar 2022 13:09:11 GMT
server
ECS (lhb/636D)
age
8330
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
accept-ranges
bytes
content-length
16779
c
nrpc.olark.com/nrpc/ Frame A3A6 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nrpc.olark.com/nrpc/c?c=create&s=3176-841-10-8932&v=pAiW2G1AqReOAjyI2V8BM0PkraAAYy6j&i=Z3aGtPexyh8HbHfw2V8BM0PA6AaY0kjb&g=ALL&q=precache0723864628182395&j=o0&version=loader-precache&xhttp=1&u=https%3A%2F%2Fdiscountefile.efile1.com%2F&r=&ca=false&ru=false&ae=
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.127.96.34.bc.googleusercontent.com
Software
TwistedWeb/21.2.0 /
Resource Hash
df583a5726521562945d365428c98e59e1e33c85a56f8a0703a0e7ef3bc719a4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 30 Mar 2022 15:28:01 GMT
via
1.1 google
last-modified
Wed, 30 Mar 2022 15:28:01 UTC
server
TwistedWeb/21.2.0
x-rpc
nrpc-http-7d46b89b95-jsgfh
access-control-allow-origin
*
cache-control
post-check=0, pre-check=0
content-disposition
inline; filename="rpc.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 26 Jul 1997 05:00:00 GMT
application2.js
static.olark.com/jsclient-bucket3/ Frame A3A6 		1 MB
309 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6391) /
Resource Hash
d5799c35c9cf7d1b576014e932e510053ff78adb26fe0453fbd341480786d857

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 17:21:02 GMT
server
ECS (lhb/6391)
age
3244
etag
W/"62336dfe-11ecd7"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
316106
via
1.1 google
expires
Wed, 30 Mar 2022 18:28:01 GMT
storage.html
static.olark.com/jsclient-bucket3/ Frame 041D 		180 B
269 B 		Document
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient-bucket3/storage.html?v=1647537480776
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63A5) /
Resource Hash
a22662992fb807e0c84c85514bd032e04de946cbf6bd933448381f162e0a2a3d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
3249
cache-control
max-age=10800
content-encoding
gzip
content-length
157
content-type
text/html; charset=utf-8
date
Wed, 30 Mar 2022 15:28:01 GMT
etag
"62336def-b4"
expires
Wed, 30 Mar 2022 18:28:01 GMT
last-modified
Thu, 17 Mar 2022 17:20:47 GMT
server
ECS (lhb/63A5)
vary
Accept-Encoding
via
1.1 google
x-cache
HIT
storage.js
static.olark.com/jsclient-bucket3/ Frame 041D 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient-bucket3/storage.js?v=1647537480776
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/storage.html?v=1647537480776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/6287) /
Resource Hash
caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://static.olark.com/jsclient-bucket3/storage.html?v=1647537480776
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 17:20:47 GMT
server
ECS (lhb/6287)
age
3871
etag
W/"62336def-15d17"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
28656
via
1.1 google
expires
Wed, 30 Mar 2022 18:28:01 GMT
visits
api.olark.com/2.0/sites/3176-841-10-8932/ Frame A3A6 		112 B
419 B 		Script
General
Check archive.org
Download Go to
Full URL
https://api.olark.com/2.0/sites/3176-841-10-8932/visits?_callback=_olark_callback_c2a29453_34de_457a_b3a8_588573633a26&_method=POST&_data=%7B%22conversation_id%22%3A%22Z3aGtPexyh8HbHfw2V8BM0PA6AaY0kjb%22%2C%22cache%22%3A%220.9718945530126462%22%7D
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.127.96.34.bc.googleusercontent.com
Software
NotARealServer/1.33.7 /
Resource Hash
98caa1c7107090ef1354b6b6099ef4ca94ccd5f8adea99f5122753df4262309f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
via
1.1 google
server
NotARealServer/1.33.7
access-control-allow-headers
X-Access-Token, X-CSRF-Token, Content-Type, Authorization
access-control-max-age
432000
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript
access-control-allow-origin
*
content-disposition
inline; filename="api.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
olark-chimes.ogg
static.olark.com/jsclient/sounds/ Frame A3A6 		11 KB
11 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient/sounds/olark-chimes.ogg
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/63FA) /
Resource Hash
b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae

Request headers

Referer
https://discountefile.efile1.com/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Range
bytes=0-

Response headers

date
Wed, 30 Mar 2022 15:28:01 GMT
via
1.1 google
last-modified
Thu, 17 Mar 2022 17:20:55 GMT
server
ECS (lhb/63FA)
age
3857
etag
"62336df7-2a35"
x-cache
HIT
content-type
audio/ogg
access-control-allow-origin
*
cache-control
max-age=10800
Content-Range
bytes 0-10804/10805
accept-ranges
bytes
Content-Length
10805
expires
Wed, 30 Mar 2022 18:28:01 GMT
config
discountefile.efile1.com/ 		481 B
727 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://discountefile.efile1.com/config
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
a56fcdb8108b0a5e51dbaece4f8dcfe50ee4032fd5725d1d1f6e021f50fff091
Security Headers
Name Value
Content-Security-Policy default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://discountefile.efile1.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
x-cache
CONFIG_NOCACHE
x-azure-ref
0AndEYgAAAACtQRFrRaSHR76B7+K0guY1TFRTRURHRTEyMTQANTJkMzAwZmYtZWM1NC00MDliLWE5YjAtODNjOTVhMTg4MjQ5
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
x-frame-options
DENY
date
Wed, 30 Mar 2022 15:28:02 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
permissions-policy
fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
content-security-policy
default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
expires
0
GetMessage
adminapi.formstax.com/api/siteMessage/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adminapi.formstax.com/api/siteMessage/GetMessage
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Request-Method
GET
Origin
https://discountefile.efile1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 30 Mar 2022 15:28:02 GMT
Expires
0
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:ac3472d6-965a-48c4-8c7a-cc759c9c30ca
Vary
Origin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
getpartnerinfo
excaliburapi.formstax.com/api/Account/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerinfo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Request-Method
GET
Origin
https://discountefile.efile1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 30 Mar 2022 15:28:02 GMT
Expires
0
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Vary
Origin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
GetMessage
adminapi.formstax.com/api/siteMessage/ 		195 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://adminapi.formstax.com/api/siteMessage/GetMessage
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
4bf26bb470300bac6870aa338290c634d1978bfed3c35dea25b053418199ef89
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

SubjectId
Accept-Language
en-GB,en;q=0.9
Authorization
Content-Type
application/json
Accept
application/json, text/plain, application/pdf
Referer
https://discountefile.efile1.com/
EventSessionId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
PartnerId

Response headers

Strict-Transport-Security
max-age=2592000
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:ac3472d6-965a-48c4-8c7a-cc759c9c30ca
Pragma
no-cache,no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 30 Mar 2022 15:28:03 GMT
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-store,no-cache,no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires
0
getpartnerinfo
excaliburapi.formstax.com/api/Account/ 		417 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerinfo
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab1da145fc820ea87160455377dbeddee4f125eebb4c52e661744bd0300540ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

SubjectId
Accept-Language
en-GB,en;q=0.9
Authorization
Content-Type
application/json
Accept
application/json, text/plain, application/pdf
Referer
https://discountefile.efile1.com/
EventSessionId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
PartnerId

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 30 Mar 2022 15:28:02 GMT
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires
0
getpartnerinfo
excaliburapi.formstax.com/api/Account/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerinfo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Request-Method
GET
Origin
https://discountefile.efile1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 30 Mar 2022 15:28:02 GMT
Expires
0
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Vary
Origin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
partner_hero_background.svg
cdn.formstax.com/images/backgrounds/ 		781 KB
593 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.formstax.com/images/backgrounds/partner_hero_background.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.227.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-227-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4dd03ee66177999b5abb459f3ddb7c20ffe6e747a9834a930cb9377787584352

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
content-encoding
gzip
last-modified
Thu, 05 Nov 2020 00:14:34 GMT
server
x-powered-by
etag
"a0afa2a38b3d61:0"
vary
Accept-Encoding
content-type
image/svg+xml
server-timing
cdn-cache; desc=HIT, edge; dur=15
accept-ranges
bytes
content-length
605319
pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v11/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v11/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://discountefile.efile1.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:37:58 GMT
x-content-type-options
nosniff
age
589804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16840
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:16:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:37:58 GMT
green_circle_checkmark.svg
cdn.formstax.com/images/icons/ 		405 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.formstax.com/images/icons/green_circle_checkmark.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.227.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-227-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6942bd44b3391c6a121a9a692f3ab45013e619d36347b1fc6b3e196cb7234674

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
content-encoding
gzip
last-modified
Tue, 03 Nov 2020 18:01:34 GMT
server
x-powered-by
etag
"148d75dbb2d61:0"
vary
Accept-Encoding
content-type
image/svg+xml
server-timing
cdn-cache; desc=HIT, edge; dur=15
accept-ranges
bytes
content-length
258
pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v11/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v11/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://discountefile.efile1.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 19:37:59 GMT
x-content-type-options
nosniff
age
589803
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17108
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:15:13 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 19:37:59 GMT
pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v11/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/nunitosans/v11/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://discountefile.efile1.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 23 Mar 2022 20:05:17 GMT
x-content-type-options
nosniff
age
588165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17228
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:14:50 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 23 Mar 2023 20:05:17 GMT
getpartnerinfo
excaliburapi.formstax.com/api/Account/ 		417 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerinfo
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab1da145fc820ea87160455377dbeddee4f125eebb4c52e661744bd0300540ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

SubjectId
Accept-Language
en-GB,en;q=0.9
Authorization
Content-Type
application/json
Accept
application/json, text/plain, application/pdf
Referer
https://discountefile.efile1.com/
EventSessionId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
PartnerId

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 30 Mar 2022 15:28:03 GMT
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires
0
getpartnerinfo
excaliburapi.formstax.com/api/Account/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerinfo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Request-Method
GET
Origin
https://discountefile.efile1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 30 Mar 2022 15:28:02 GMT
Expires
0
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Vary
Origin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
getpartnerinfo
excaliburapi.formstax.com/api/Account/ 		417 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerinfo
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ab1da145fc820ea87160455377dbeddee4f125eebb4c52e661744bd0300540ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

SubjectId
Accept-Language
en-GB,en;q=0.9
Authorization
Content-Type
application/json
Accept
application/json, text/plain, application/pdf
Referer
https://discountefile.efile1.com/
EventSessionId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
PartnerId

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 30 Mar 2022 15:28:02 GMT
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires
0
hippa-training-badge10-orig.svg
cdn.formstax.com/images/logos/ 		16 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.formstax.com/images/logos/hippa-training-badge10-orig.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.227.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-227-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef92827a8d38cee72d2a9e74a769a0e626a2f183ad9185208d2638b79a786460

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:03 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 12:51:04 GMT
server
x-powered-by
etag
"4258bff429ced61:0"
vary
Accept-Encoding
content-type
image/svg+xml
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=21, origin; dur=662
accept-ranges
bytes
content-length
5507
socforserviceorganizationslogosos.jpg
cdn.formstax.com/images/logos/ 		40 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.formstax.com/images/logos/socforserviceorganizationslogosos.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.227.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-227-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2b5450152283298c088b3565fab45d392c6439ed6df9aac48c70840a524d65b5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
last-modified
Wed, 09 Dec 2020 12:51:06 GMT
server
x-powered-by
etag
"b8f597f529ced61:0"
content-type
image/jpeg
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
41364
IRS-transmitter-badge-blue.svg
cdn.formstax.com/images/logos/ 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.formstax.com/images/logos/IRS-transmitter-badge-blue.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.227.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-227-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
81e491c1eaeddce07b633fd637b56bd24150ea377f4f3311f1935454f9cd8db5

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
content-encoding
gzip
last-modified
Wed, 09 Dec 2020 12:51:05 GMT
server
x-powered-by
etag
"fe14f6f429ced61:0"
vary
Accept-Encoding
content-type
image/svg+xml
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
content-length
3449
3e8a2ad7-4492-4712-4a37-0c39beeb1d44
app.pendo.io/data/ptm.gif/ 		42 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.pendo.io/data/ptm.gif/3e8a2ad7-4492-4712-4a37-0c39beeb1d44?v=2.129.2_prod&ct=1648654082233&jzb=eJzNUl2L2zAQ_C96Nv6Q7eOctwOnNLmjPbgUCqUIxV4nCrJkJPmKG_Lfs3JCcHPXQh9S-hLi2d2Z2dF-2xM3dEBmRNSgnGgGEpC10T8sGOZEi5XkLru_y7P4nlKaBuRVWOG0YaLGoV7V0AgFNU7xqtK9cm8LvZGIbJ3r7CyKamHHPixLCMffJKx0G0m9EQrbO6M7S2Z7omXNflFjz_NP5We2Yh9KvX3MPma0-IoDvu-34n9r94AGuMEoVny9wJLqpQyIO32Qp-3yefe0ehh62HUS5sjTGN7CWJwbmvxslrZ6fCkWzpY-ycEB7pJmxSG4JN2C439MOf-XKZ-V_N83nNBy4VmnmNHSLzGFFCZwBUmuNj3feBgU-_Licz1bf1fpHQrruLvG8GmcAjPGPcUrA9wJrcrrkctzPlzEEapPbWkcxWlEY0r9oYCxyIAwDRNahJRhRDe6hzzJJ_cgNfc7_Cf34N2cPdA0Rp832J9m6eH7EVtLfNA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-max-age
600
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
content-length
42
3e8a2ad7-4492-4712-4a37-0c39beeb1d44
app.pendo.io/data/guide.json/ 		810 B
877 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.pendo.io/data/guide.json/3e8a2ad7-4492-4712-4a37-0c39beeb1d44?jzb=eJxtkLFuAyEMht-FOTou3NTbKnXpXHWOLHCvlsCcwGSp8u4xGU4VyYLQx-_vB_7MlSpJLp_BrKZxwB9iDOZkwPvcWJ54K1HJr8heV2sD1UdMjyNOj_U8-ZxszBuxxhMKBBAw61HVtzRqMQF18X9WcsQBMaQRReCtwdYx8uX7y9yOy79seqGoAjKyHYowPv-LLwhCmT_GEa3VGWR5P8oV6dt7bJntvFg3O6eKK5aqBsVuOru3yV32klVwuwMQk4VJ&v=2.129.2_prod&ct=1648654082235
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
2bd22a358a35366ad405813426557d58d5fd0f83ccecdad15d7174dad724bc1e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/json
via
1.1 google
access-control-max-age
600
access-control-allow-credentials
false
access-control-allow-headers
Origin,Accept,Content-Type,Authorization
theme.css
static.olark.com/jsclient/styles/cryptic-capybara/ 		165 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631E) /
Resource Hash
a6a690239715806bc8e4a978ee678c07c24ec3627aed2b39bcc06d8f2a3b3e8d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
content-encoding
gzip
last-modified
Thu, 17 Mar 2022 17:21:11 GMT
server
ECS (lhb/631E)
age
3935
etag
W/"62336e07-29593"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
19790
via
1.1 google
expires
Wed, 30 Mar 2022 18:28:02 GMT
log.png
log.olark.com/jslog/ 		2 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.olark.com/jslog/log.png?version=-bucket3&location=https%3A%2F%2Fdiscountefile.efile1.com%2Flogin&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab6202445632087805&conversation_id=Z3aGtPexyh8HbHfw2V8BM0PA6AaY0kjb&visitor_id=pAiW2G1AqReOAjyI2V8BM0PkraAAYy6j&site_id=3176-841-10-8932&bucket=bucket3&level=count&timestamp=1648654082245&properties=%7B%7D&recent_logs=%5B%5D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
16.127.96.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
via
1.1 google
server
nginx
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain
favicon.ico
cdn.formstax.com/images/ Frame A3A6 		0
0
noto-sans-v11-latin-700.woff2
static.olark.com/jsclient/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-700.woff2
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/631D) /
Resource Hash
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Request headers

Referer
https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin
https://discountefile.efile1.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
via
1.1 google
last-modified
Thu, 17 Mar 2022 17:21:11 GMT
server
ECS (lhb/631D)
age
3924
etag
"62336e07-3f34"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
16180
expires
Wed, 30 Mar 2022 18:28:02 GMT
noto-sans-v11-latin-regular.woff2
static.olark.com/jsclient/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-regular.woff2
Requested by
Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (lhb/630D) /
Resource Hash
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Request headers

Referer
https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin
https://discountefile.efile1.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:02 GMT
via
1.1 google
last-modified
Thu, 17 Mar 2022 17:20:55 GMT
server
ECS (lhb/630D)
age
3897
etag
"62336df7-3eb8"
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=10800
accept-ranges
bytes
content-length
16056
expires
Wed, 30 Mar 2022 18:28:02 GMT
discountefile
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/discountefile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Request-Method
GET
Origin
https://discountefile.efile1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 30 Mar 2022 15:28:02 GMT
Expires
0
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Vary
Origin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
discountefile
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/discountefile
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f448e5b7c48267eda0c0a52811de97bd64ada25f53586bce49b15d3f41f7ea34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

SubjectId
Accept-Language
en-GB,en;q=0.9
Authorization
Content-Type
application/json
Accept
application/json, text/plain, application/pdf
Referer
https://discountefile.efile1.com/
EventSessionId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
PartnerId
discountefile

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 30 Mar 2022 15:28:03 GMT
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires
0
discountefile
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/discountefile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Request-Method
GET
Origin
https://discountefile.efile1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 30 Mar 2022 15:28:02 GMT
Expires
0
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Vary
Origin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
discountefile
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/discountefile
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f448e5b7c48267eda0c0a52811de97bd64ada25f53586bce49b15d3f41f7ea34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

SubjectId
Accept-Language
en-GB,en;q=0.9
Authorization
Content-Type
application/json
Accept
application/json, text/plain, application/pdf
Referer
https://discountefile.efile1.com/
EventSessionId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
PartnerId
discountefile

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 30 Mar 2022 15:28:03 GMT
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires
0
partner_hero_business_woman.png
cdn.formstax.com/images/backgrounds/ 		682 KB
683 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.formstax.com/images/backgrounds/partner_hero_business_woman.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.227.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-227-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e473207f4dffdb3f041a6b93433453bb2bbb117fa6a05dea648f5c1ddccd1b65

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:03 GMT
last-modified
Wed, 04 Nov 2020 21:35:41 GMT
server
x-powered-by
etag
"aa11472f2b2d61:0"
content-type
image/png
server-timing
cdn-cache; desc=HIT, edge; dur=10
accept-ranges
bytes
content-length
698049
discountefile
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/discountefile
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Request-Method
GET
Origin
https://discountefile.efile1.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Date
Wed, 30 Mar 2022 15:28:03 GMT
Expires
0
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Vary
Origin
X-Content-Type-Options
nosniff
X-XSS-Protection
1; mode=block
discountefile
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/discountefile
Requested by
Host: discountefile.efile1.com
URL: https://discountefile.efile1.com/polyfills.b1ce7a0814935c76afc7.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.79.154.192 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
f448e5b7c48267eda0c0a52811de97bd64ada25f53586bce49b15d3f41f7ea34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

SubjectId
Accept-Language
en-GB,en;q=0.9
Authorization
Content-Type
application/json
Accept
application/json, text/plain, application/pdf
Referer
https://discountefile.efile1.com/
EventSessionId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
PartnerId
discountefile

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
X-XSS-Protection
1; mode=block
Request-Context
appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Date
Wed, 30 Mar 2022 15:28:02 GMT
Vary
Origin,Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://discountefile.efile1.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Permissions-Policy
fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires
0
discountefile.png
cdn.formstax.com/partner/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.formstax.com/partner/discountefile.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.75.227.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-227-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0b22aa7bf70f3e06cad31b4e4dd7f170dc8c1f7162dbd6eda5b2707f727411c4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://discountefile.efile1.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 30 Mar 2022 15:28:04 GMT
last-modified
Fri, 18 Sep 2020 00:32:35 GMT
server
x-powered-by
etag
"d53f5534538dd61:0"
content-type
image/png
server-timing
cdn-cache; desc=MISS, edge; dur=11, origin; dur=883
accept-ranges
bytes
content-length
9940

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.formstax.com
URL
https://cdn.formstax.com/images/favicon.ico

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails object| recurly object| dataLayer object| pendo object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga boolean| _fs_debug string| _fs_host string| _fs_script string| _fs_org string| _fs_namespace function| FS function| olark object| webpackJsonp string| _fs_loaded function| _fs_shutdown object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate boolean| __Zone_enable_cross_context_check function| Zone function| __zone_symbol__Promise function| __zone_symbol__ZoneAwarePromise function| __zone_symbol__fetch function| __zone_symbol__legacyPatch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__setImmediate function| __zone_symbol__clearImmediate function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononmessageerrorpatched function| __zone_symbol__ON_PROPERTYfocus object| __zone_symbol__focusfalse function| __zone_symbol__ON_PROPERTYblur object| __zone_symbol__blurfalse object| __zone_symbol__mousemovefalse function| saveAs object| ng object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__scrollfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__unloadfalse object| __zone_symbol__messagefalse object| __zone_symbol__storagefalse function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

10 Cookies

Domain/Path Name / Value
discountefile.efile1.com/ Name: wcsid
Value: Z3aGtPexyh8HbHfw2V8BM0PA6AaY0kjb
discountefile.efile1.com/ Name: hblid
Value: pAiW2G1AqReOAjyI2V8BM0PkraAAYy6j
discountefile.efile1.com/ Name: _oklv
Value: 1648654081132%2CZ3aGtPexyh8HbHfw2V8BM0PA6AaY0kjb
discountefile.efile1.com/ Name: _okdetect
Value: %7B%22token%22%3A%2216486540812900%22%2C%22proto%22%3A%22about%3A%22%2C%22host%22%3A%22%22%7D
discountefile.efile1.com/ Name: olfsk
Value: olfsk5594544184662604
discountefile.efile1.com/ Name: _ok
Value: 3176-841-10-8932
discountefile.efile1.com/ Name: _okbk
Value: cd5%3Davailable%2Ccd4%3Dtrue%2Cvi5%3D0%2Cvi4%3D1648654081438%2Cvi3%3Dactive%2Cvi2%3Dfalse%2Cvi1%3Dfalse%2Ccd8%3Dchat%2Ccd6%3D0%2Ccd3%3Dfalse%2Ccd2%3D0%2Ccd1%3D0%2C
.discountefile.efile1.com/ Name: _ga
Value: GA1.3.1366937253.1648654081
.discountefile.efile1.com/ Name: _gid
Value: GA1.3.463564038.1648654081
.adminapi.formstax.com/ Name: ARRAffinitySameSite
Value: 71d2d7a8f4cd9d6a986c0a940d99dcaf7c4113839b6504e887305d018d93ada3

27 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security error URL: https://discountefile.efile1.com/
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://discountefile.efile1.com/
Message:
The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://discountefile.efile1.com/
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://discountefile.efile1.com/
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error (Line 2)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient/loader0.js
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient/loader0.js
Message:
The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient/loader0.js
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient/loader0.js
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: about:srcdoc
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: about:srcdoc
Message:
The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: about:srcdoc
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: about:srcdoc
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776(Line 18)
Message:
The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776(Line 18)
Message:
The source list for the Content Security Policy directive 'style-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776(Line 18)
Message:
The source list for the Content Security Policy directive 'img-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
security error URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1647537480776(Line 18)
Message:
The source list for the Content Security Policy directive 'connect-src' contains an invalid source: 'pendo-static-SUB_ID.storage.googleapis.com'. It will be ignored.
javascript error URL: about:srcdoc
Message:
Access to image at 'https://cdn.formstax.com/images/favicon.ico' from origin 'https://discountefile.efile1.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdn.formstax.com/images/favicon.ico
Message:
Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'none'; frame-src 'self' https: static.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com www.google-analytics.com static.olark.com js.recurly.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io pendo-io-static.storage.googleapis.com cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io cdn.pendo.io pendo-static-SUB_ID.storage.googleapis.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com www.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.google-analytics.com *.olark.com rs.fullstory.com stats.g.doubleclick.net app.pendo.io pendo-static-SUB_ID.storage.googleapis.com data.pendo.io bat.bing.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com app.pendo.io data.pendo.io pendo-static-SUB_ID.storage.googleapis.com; object-src 'none'; media-src *.olark.com *.google-analytics.com rs.fullstory.com stats.g.doubleclick.net bat.bing.com; frame-ancestors app.pendo.io; child-src app.pendo.io;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adminapi.formstax.com
api.olark.com
app.pendo.io
cdn.formstax.com
cdn.pendo.io
cl.exct.net
discountefile.efile1.com
edge.fullstory.com
excaliburapi.formstax.com
fonts.googleapis.com
fonts.gstatic.com
js.recurly.com
log.olark.com
nrpc.olark.com
rs.fullstory.com
static.olark.com
www.google-analytics.com
www.googletagmanager.com
cdn.formstax.com
104.16.114.53
23.75.227.23
2600:9000:2156:d600:1f:aa31:7740:93a1
2620:1ec:46::44
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2013
2a02:26f0:3500:595::416d
34.96.127.16
35.186.194.58
35.201.112.186
40.79.154.192
93.184.220.42
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
0b22aa7bf70f3e06cad31b4e4dd7f170dc8c1f7162dbd6eda5b2707f727411c4
100f8c6cd76e4ac97f38db5e1d96ca6997b62be036185c19e23c449e5856bfa3
18e71eadd9c6f57625860c63699d554780def6ce05a646b482a2a1aa83cea5a0
2346617a3ef2e01bb1a05ca6f4c4bd330b7abee6fb9e7e0ffb1bbd1ed81a20bd
2b5450152283298c088b3565fab45d392c6439ed6df9aac48c70840a524d65b5
2bd22a358a35366ad405813426557d58d5fd0f83ccecdad15d7174dad724bc1e
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4bf26bb470300bac6870aa338290c634d1978bfed3c35dea25b053418199ef89
4dd03ee66177999b5abb459f3ddb7c20ffe6e747a9834a930cb9377787584352
6942bd44b3391c6a121a9a692f3ab45013e619d36347b1fc6b3e196cb7234674
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
81697f7625fa52653b0558194c7dec439f182247470a0d4171a3374f7f85bc77
81e491c1eaeddce07b633fd637b56bd24150ea377f4f3311f1935454f9cd8db5
89602c5b9eb48450360e8710fa8fdccce14683fc9158156b00a49e16e3884bea
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
989bb90fd51b49f2db648560a36ac7b01327e796872df241432fdb4993b54b80
98caa1c7107090ef1354b6b6099ef4ca94ccd5f8adea99f5122753df4262309f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a22662992fb807e0c84c85514bd032e04de946cbf6bd933448381f162e0a2a3d
a56fcdb8108b0a5e51dbaece4f8dcfe50ee4032fd5725d1d1f6e021f50fff091
a6192f0e27d41ad81b39b4da7fbe2d7bd2f5a380f72026bae4adafed594aeb96
a6a690239715806bc8e4a978ee678c07c24ec3627aed2b39bcc06d8f2a3b3e8d
a8ce2c5194e12befe6181273a440932158c39143d9732c9be1eee67325b3aea9
ab1da145fc820ea87160455377dbeddee4f125eebb4c52e661744bd0300540ce
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae
b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0
c47fabbb2020685b3fb5182c50ac1f5b253f5cae95ebd62122715e4ab9d66ece
c63f15faf154ba51aa194bdf814fa306301b2689d636d9e024d65905f9ab8f88
caa53054dc12f4194410b03956c943038cfc7963c54b95c2fcab47f2aecb6111
d5799c35c9cf7d1b576014e932e510053ff78adb26fe0453fbd341480786d857
d8aab579b0928b3175cc95a6cfa6fdf7f563ef97b3c7e4d1bd603ca3c7c6c7d8
d9641d66fab819871b989c5dc091bec8f187217c81d25334ca7c128f2b2d1d36
df583a5726521562945d365428c98e59e1e33c85a56f8a0703a0e7ef3bc719a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e473207f4dffdb3f041a6b93433453bb2bbb117fa6a05dea648f5c1ddccd1b65
e4d08f877611f0c9211f3099d2bf66a57b97f4c8a03e4bc8f9dcc9299b4d09e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef92827a8d38cee72d2a9e74a769a0e626a2f183ad9185208d2638b79a786460
f448e5b7c48267eda0c0a52811de97bd64ada25f53586bce49b15d3f41f7ea34
f85c30f1a0c5b895ba2dc75ce3474d287b0038cdf928d930a2370cac1b3461f4