urlscan.io logo urlscan.io
SecurityTrails logo

1040.file-tax.net Open in urlscan Pro
209.170.211.179  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.secureuserclk.com/c/s/In2/0sOB/s/7Xv/Nmc/6gwIgg/sfxywUoKMh/sFt/P/5c
Effective URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Submission: On September 17 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 51 HTTP transactions. The main IP is 209.170.211.179, located in United States and belongs to ASN-VINS, US. The main domain is 1040.file-tax.net.
TLS certificate: Issued by R3 on August 27th 2021. Valid for: 3 months.
This is the only time 1040.file-tax.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 209.170.211.187 13649 (ASN-VINS)
4 6 209.170.211.179 13649 (ASN-VINS)
14 104.16.21.19 13335 (CLOUDFLAR...)
6 142.250.184.234 15169 (GOOGLE)
1 104.18.22.52 13335 (CLOUDFLAR...)
14 160.1.97.239 8987 (AMAZON EX...)
10 142.250.185.99 15169 (GOOGLE)
3 104.16.19.94 ()
51 8
1    209.170.211.187 (United States)

ASN13649 (ASN-VINS, US)
t.secureuserclk.com
6    209.170.211.179 (United States)

ASN13649 (ASN-VINS, US)
PTR: mail9.ontramail.com
tracking.ontraport.com
1040.file-tax.net
14    104.16.21.19 (None, )

ASN13335 (CLOUDFLARENET, US)
optassets.ontraport.com
app.ontraport.com
i.ontraport.com
6    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
fonts.googleapis.com
1    104.18.22.52 (None, )

ASN13335 (CLOUDFLARENET, US)
pro.fontawesome.com
14    160.1.97.239 (Boardman, United States)

ASN8987 (AMAZON EXPANSION, IE)
PTR: ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
helpdesk.file-tax.net
10    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
fonts.gstatic.com
3    104.16.19.94 (None, )

ASN- ()
cdnjs.cloudflare.com
Domain Requested by
14 helpdesk.file-tax.net 1040.file-tax.net
helpdesk.file-tax.net
10 fonts.gstatic.com fonts.googleapis.com
8 optassets.ontraport.com 1040.file-tax.net
optassets.ontraport.com
6 fonts.googleapis.com 1040.file-tax.net
optassets.ontraport.com
helpdesk.file-tax.net
5 i.ontraport.com 1040.file-tax.net
4 1040.file-tax.net 3 redirects
3 cdnjs.cloudflare.com helpdesk.file-tax.net
2 tracking.ontraport.com 1 redirects optassets.ontraport.com
1 app.ontraport.com 1040.file-tax.net
1 pro.fontawesome.com 1040.file-tax.net
1 t.secureuserclk.com 1 redirects
51 11

This site contains links to these domains. Also see Links.

Domain
blog.file-tax.net
e.file-tax.net
Subject Issuer Validity Valid
1040.file-tax.net
R3		 2021-08-27 -
2021-11-25		 3 months crt.sh
*.ontraport.com
Go Daddy Secure Certificate Authority - G2		 2020-10-26 -
2021-11-21		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-13 -
2021-12-14		 a year crt.sh
helpdesk.file-tax.net
R3		 2021-08-24 -
2021-11-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
tracking.ontraport.com
R3		 2021-09-10 -
2021-12-09		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-10-21 -
2021-10-20		 a year crt.sh

This page contains 4 frames:

Primary Page: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Frame ID: CB351996D2292EAEEF248B4BDA4C0E57
Requests: 34 HTTP requests in this frame

Frame: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/runtime~main.9e81b2de.js
Frame ID: 9A34623A9C09E2706D827A394C5A42C5
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Rubik:400,400i,700,700i
Frame ID: CF0F2734437060717EC677834F6E643B
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Rubik:400,400i,700,700i
Frame ID: 897D1B6B58C00376F78DCFA269C15784
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://t.secureuserclk.com/c/s/In2/0sOB/s/7Xv/Nmc/6gwIgg/sfxywUoKMh/sFt/P/5c HTTP 302
    https://tracking.ontraport.com/cookify.php?mrs=0ymty8tmnj0bj7fphm&forward=http%3A%2F%2F1040.file-tax.net%2F... HTTP 302
    http://1040.file-tax.net/cir/?a=205191&f=http%3A%2F%2F1040.file-tax.net%2F&q=First%2BName%3Dted%26Las... HTTP 302
    https://1040.file-tax.net/cir/?a=205191&f=http%3A%2F%2F1040.file-tax.net%2F&q=First%2BName%3Dted%26Las... HTTP 302
    http://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000 HTTP 302
    https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

98 %
HTTPS

0 %
IPv6

7
Domains

11
Subdomains

8
IPs

2
Countries

959 kB
Transfer

3241 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.secureuserclk.com/c/s/In2/0sOB/s/7Xv/Nmc/6gwIgg/sfxywUoKMh/sFt/P/5c HTTP 302
    https://tracking.ontraport.com/cookify.php?mrs=0ymty8tmnj0bj7fphm&forward=http%3A%2F%2F1040.file-tax.net%2Fcir%2F%3Fa%3D205191%26f%3Dhttp%253A%252F%252F1040.file-tax.net%252F%26q%3DFirst%252BName%253Dted%2526Last%252BName%253Dvicha%2526Email%253Dtheodorev%252540cctexas.com%2526Unique%252BID%253DTSR000%26ci_uuid%3D5A4197777ABB5CC9ACAA8643 HTTP 302
    http://1040.file-tax.net/cir/?a=205191&f=http%3A%2F%2F1040.file-tax.net%2F&q=First%2BName%3Dted%26Last%2BName%3Dvicha%26Email%3Dtheodorev%2540cctexas.com%26Unique%2BID%3DTSR000&ci_uuid=5A4197777ABB5CC9ACAA8643 HTTP 302
    https://1040.file-tax.net/cir/?a=205191&f=http%3A%2F%2F1040.file-tax.net%2F&q=First%2BName%3Dted%26Last%2BName%3Dvicha%26Email%3Dtheodorev%2540cctexas.com%26Unique%2BID%3DTSR000&ci_uuid=5A4197777ABB5CC9ACAA8643 HTTP 302
    http://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000 HTTP 302
    https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

51 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
1040.file-tax.net/
Redirect Chain
  • https://t.secureuserclk.com/c/s/In2/0sOB/s/7Xv/Nmc/6gwIgg/sfxywUoKMh/sFt/P/5c
  • https://tracking.ontraport.com/cookify.php?mrs=0ymty8tmnj0bj7fphm&forward=http%3A%2F%2F1040.file-tax.net%2Fcir%2F%3Fa%3D205191%26f%3Dhttp%253A%252F%252F1040.file-tax.net%252F%26q%3DFirst%252BName%2...
  • http://1040.file-tax.net/cir/?a=205191&f=http%3A%2F%2F1040.file-tax.net%2F&q=First%2BName%3Dted%26Last%2BName%3Dvicha%26Email%3Dtheodorev%2540cctexas.com%26Unique%2BID%3DTSR000&ci_uuid=5A4197777ABB...
  • https://1040.file-tax.net/cir/?a=205191&f=http%3A%2F%2F1040.file-tax.net%2F&q=First%2BName%3Dted%26Last%2BName%3Dvicha%26Email%3Dtheodorev%2540cctexas.com%26Unique%2BID%3DTSR000&ci_uuid=5A4197777AB...
  • http://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
  • https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
138 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.179 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
e1a54c68b4bae0002cefe67bb68516126bde39b5b0d4477134670cc26d161d75

Request headers

Host
1040.file-tax.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Cookie
op_loopCount=1; contact_identity_id=69119; secure_redirect=1; op_loopTrack=1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Fri, 17 Sep 2021 04:12:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Set-Cookie
lpsplt_231=0; path=/; SameSite=Lax
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-class
default
X-op-release
2
X-op-ca
216.131.114.169
Server
ONTRAport
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Encoding
gzip

Redirect headers

Date
Fri, 17 Sep 2021 04:12:34 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
secure_redirect=1; expires=Fri, 17-Sep-2021 04:12:35 GMT; path=/; SameSite=Lax op_loopTrack=1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000; Max-Age=1; Path=/
location
https://1040.file-tax.net?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-op-class
default
X-op-release
2
X-op-ca
216.131.114.169
Server
ONTRAport
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET, POST, OPTIONS
opt-styles.min.css
optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/ 		208 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b2e71175b2bb8e673e1734f746a6c951188ab955e25d886aeda2b8c09569e5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:35 GMT
content-encoding
br
cf-cache-status
HIT
age
1621
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f3fee3227a0-PRG
expires
Fri, 17 Sep 2021 08:12:35 GMT
icon
fonts.googleapis.com/ 		569 B
851 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
2c71745918d46e6af5586966f2f42d86f2941efd67fed12961b5d1cbb331d4bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 04:12:35 GMT
server
ESF
date
Fri, 17 Sep 2021 04:12:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 04:12:35 GMT
css2
fonts.googleapis.com/ 		19 KB
980 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
05a55848815c20ac9e0c5df2732b2ce6b0c12018dec636956bd3f792c06c4aeb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 03:00:24 GMT
server
ESF
date
Fri, 17 Sep 2021 04:12:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 04:12:35 GMT
all.css
pro.fontawesome.com/releases/v5.10.0/css/ 		153 KB
29 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.10.0/css/all.css
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.22.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jun 2021 16:54:32 GMT
server
cloudflare
age
6869617
etag
W/"aa1272633e7e552395d147a499bad186"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31556926
cf-ray
68ff7f402f8cf9da-PRG
x-amz-request-id
MTWESG2XRNTJRBCQ
x-amz-id-2
sjaF0esfkEDqjC1IboLVncAfCLYl1LQFrOem99s23Qv68X5gtxKO3PVohbSXRhpj1jW7Nw71sG4=
loader.js
helpdesk.file-tax.net/dyn-assets/pub/build/messenger/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/dyn-assets/pub/build/messenger/loader.js?v=1625500919
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
0d07858c87a850cf0090eaa6b9901093f5639c320d10a4cdbe76a5012cc91976
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:35 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"000dc17b2ab3490d1b048b81e5ea2c25ed5a13d8"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, s-maxage=300
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
opt_default_image.png
app.ontraport.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://app.ontraport.com/images/opt_default_image.png
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f697537edc72c0764b1ff7e9f1d3e21f601d82afb169ca435fc3e7f1a3af2415

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
x-op-benvironment
production
cf-cache-status
REVALIDATED
cf-polished
origSize=5891
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
content-length
4968
x-op-ca
10.2.80.206
last-modified
Thu, 31 Jan 2019 20:36:34 GMT
server
cloudflare
etag
"5c535c52-1703"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Fri, 17 Sep 2021 04:32:36 GMT
cache-control
public, max-age=1200
x-op-class
app
accept-ranges
bytes
cf-ray
68ff7f409ebe27a0-PRG
cf-bgj
imgq:100,h2pri
anime.js
optassets.ontraport.com/opt_assets/static/js/ 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/anime.js
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:35 GMT
content-encoding
br
cf-cache-status
HIT
age
1621
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f449a1f27a0-PRG
expires
Fri, 17 Sep 2021 04:13:35 GMT
jquery-3.2.1.min.js
optassets.ontraport.com/opt_assets/static/js/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/jquery-3.2.1.min.js
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:35 GMT
content-encoding
br
cf-cache-status
HIT
age
1621
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f44da5a27a0-PRG
expires
Fri, 17 Sep 2021 04:13:35 GMT
opt-assets.js
optassets.ontraport.com/opt_assets/static/js/ 		299 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1631810410
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
49d52af7d62f3f8403d58c67ae1b90e4f23bdab8a4b1dc8b837e7a43e7207db2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:35 GMT
content-encoding
br
cf-cache-status
HIT
age
1621
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f44da5c27a0-PRG
expires
Fri, 17 Sep 2021 04:13:35 GMT
custom-elements.min.js
optassets.ontraport.com/opt_assets/static/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/static/js/custom-elements.min.js
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:35 GMT
content-encoding
br
cf-cache-status
HIT
age
1621
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=60
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f44da5d27a0-PRG
expires
Fri, 17 Sep 2021 04:13:35 GMT
tracking.js
optassets.ontraport.com/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/tracking.js
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e216637f4a7df41f3b559d1998bcb11854d5c05f6b7fed6327c428c33e2cb93

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:35 GMT
content-encoding
br
cf-cache-status
HIT
age
4419
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f44da5e27a0-PRG
expires
Fri, 17 Sep 2021 08:12:35 GMT
css
fonts.googleapis.com/ 		280 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
1f4f7c256f63fd1bb8f0ccf26588cc395d6629b3eb35d4854e6ba6bc6342cf04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optassets.ontraport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 04:12:35 GMT
server
ESF
date
Fri, 17 Sep 2021 04:12:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 04:12:35 GMT
css
fonts.googleapis.com/ 		272 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|cBubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/elements_v3/common/materialize/css/opt-styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
ef00ced2ae9ae7aa67e5990b48f9ccbd64fb1567a78843e1be2e0b9166014771
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://optassets.ontraport.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 03:07:31 GMT
server
ESF
date
Fri, 17 Sep 2021 04:12:35 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 04:12:35 GMT
205191.3fb583e7c5ff6641b0989e1f2238921e.JPEG
i.ontraport.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ontraport.com/205191.3fb583e7c5ff6641b0989e1f2238921e.JPEG
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f99a9ff906f8f3e1831aa53bc5c02798b419c04fe05b915af37f28af38305432

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
via
1.1 f18b0bd4a5b62e5fb49428cc4789689f.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
217031
cf-polished
origSize=17486
x-cache
RefreshHit from cloudfront
x-amz-request-id
61MGQP951776CNTG
x-amz-id-2
kpEZ0dQTN30UznE1RtcLjfejcCxXr8oVynI+Iy+dDrGLVt9UQ+2YbnhurAC1WJf0zik2dFaVmHE=
accept-ranges
bytes
last-modified
Tue, 17 Aug 2021 12:11:42 GMT
server
cloudflare
etag
"8e9820c0fbbc5c805191cc02bcd7abbe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 19 Sep 2021 04:12:36 GMT
cache-control
public, max-age=172800
x-amz-cf-pop
PRG50-C1
content-length
12052
cf-ray
68ff7f456af327a0-PRG
x-amz-cf-id
V5ATtPkgz_gUPLB8tYGJ_NUU206jK-rBVPCoEOesYlt2O4h0XEOtqg==
cf-bgj
imgq:100,h2pri
205191.d89876fd6da61f160efd3dc7e2f0453e.JPEG
i.ontraport.com/ 		75 KB
76 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ontraport.com/205191.d89876fd6da61f160efd3dc7e2f0453e.JPEG
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0e338e7f5a2525b7e8a023b45c7afa1e4c2f60527a8c78a7a658efada6ca20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
via
1.1 7bb80b5d9f75710222feac15033d6af0.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
30670
cf-polished
origSize=84221
x-cache
Miss from cloudfront
x-amz-request-id
CMZF9SEYBA6Z4HX9
x-amz-id-2
CYeYEowu2wcPzfVHkRhLX1B9F/o40aJt8UxgT0wA2MG8TlubmMBWuOJ0sVTGe0oWVSjRF8125G8=
accept-ranges
bytes
last-modified
Tue, 17 Aug 2021 13:47:36 GMT
server
cloudflare
etag
"d7dc84b6f4d4c457758c4936a0b2ba6e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
expires
Sun, 19 Sep 2021 04:12:36 GMT
cache-control
public, max-age=172800
x-amz-cf-pop
PRG50-C1
content-length
76909
cf-ray
68ff7f456af227a0-PRG
x-amz-cf-id
JILUaBTba-hZabaWCjhvXAVKD7iAKJhAJhzaBYbnX_2xTBOJ9k4ZyQ==
cf-bgj
imgq:100,h2pri
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:13:09 GMT
x-content-type-options
nosniff
age
259167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:13:09 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:04:31 GMT
x-content-type-options
nosniff
age
108485
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7988
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:10 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 22:04:31 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:21:31 GMT
x-content-type-options
nosniff
age
345065
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:21:31 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 06:55:08 GMT
x-content-type-options
nosniff
age
422248
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 06:55:08 GMT
KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 06:49:56 GMT
x-content-type-options
nosniff
age
422560
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17004
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:44 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 06:49:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 17:49:36 GMT
x-content-type-options
nosniff
age
123780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 17:49:36 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:03:18 GMT
x-content-type-options
nosniff
age
259758
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 04:03:18 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 04:53:27 GMT
x-content-type-options
nosniff
age
602349
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Sep 2022 04:53:27 GMT
KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
fonts.gstatic.com/s/roboto/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOjCnqEu92Fr1Mu51S7ACc6CsQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 17:34:46 GMT
x-content-type-options
nosniff
age
383870
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17380
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:45 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 17:34:46 GMT
KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v27/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nixie+One|Source+Serif+Pro|Quicksand|Dancing+Script|Permanent+Marker|Architects+Daughter|Patrick+Hand+SC|Damion|Yeseva+One|Covered+By+Your+Grace|Oleo+Script|Neucha|Staatliches|Public+Sans|Source+Serif+Pro|Barlow|Barlow+Condensed|Barlow+Semi+Condensed|Archivo+Narrow|Archivo+Black|Archivo|Vollkorn|Vollkorn+SC|Mulish|Fahkwang|IBM+Plex+Serif|Poppins|Hepta+Slab|Taviraj|Nunito|Nunito+Sans|Dosis:400,200,300,500,600,800,700|Bubblegum+Sans|Parisienne|Lora:400,700i,700,400i|Fredericka+the+Great|Noto+Serif:400,400i,700,700i|La+Belle+Aurore|Lobster|Engagement|Shadows+Into+Light|Frijole|Alegreya+SC|Alegreya+Sans:400,100,100i,300,300i,400i,500,500i,700,700i,800,900,800i,900i|Monoton|Droid+Serif:400,400i,700,700i|Pacifico|Inconsolata:400,700|Oswald:400,700,300|Special+Elite|Montserrat:400,700|Open+Sans:400,300,300i,400i,600,600i,700,700i,800,800i|Open+Sans+Condensed:300,700,300i|Kranky|Crimson+Text:400,400i,600,700,600i,700i|Indie+Flower|Alegreya:400,400i,700,700i,900i,900|Raleway:100,200,300,500,400,600,700,800,900|Roboto+Condensed:400,300,300i,400i,700,700i|Slabo+27px|Roboto:400,100,100i,300,300i,400i,500,500i,700,700i,900,900i|Lato:400,100,100i,300,300i,400i,700,700i,900,900i|Bentham|Playfair+Display:400,400i,700,700i,900,900i|Paytone+One|Josefin+Slab:400,100,100i,300,300i,400i,600,600i,700,700i|Pinyon+Script|Abril+Fatface|Six+Caps|Londrina+Outline|League+Script|Sacramento|Fjalla+One|Vast+Shadow|Petit+Formal+Script|Libre+Baskerville:400,400i,700|Work+Sans:400,100,200,300,500,600,700,800,900|Economica:400,400i,700,700i|Yellowtail|Niconne|Pompiere|Maiden+Orange|Lateef|Source+Sans+Pro|Anonymous+Pro:400,400i,700,700i|Cormorant:300,300i,400,400i,500,500i,600,600i,700,700i|Karla:400,400i,700,700i|Permanent+Marker|Space+Mono:400,400i,700,700i|Ubuntu:300,300i,400,400i,500,500i,700,700i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1040.file-tax.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 04:29:47 GMT
x-content-type-options
nosniff
age
344569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17304
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:35 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 04:29:47 GMT
logging.js
optassets.ontraport.com/opt_assets/scripts/ 		1 KB
703 B 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/scripts/logging.js
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1631810410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
398aeee3c266005c4cb1ba93d1de89f6ac06f24e491df3b02486900d8a79b11f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
content-encoding
br
cf-cache-status
HIT
age
41140
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f45eb6227a0-PRG
expires
Sat, 18 Sep 2021 04:12:36 GMT
countdown-v1.js
optassets.ontraport.com/opt_assets/templates/custom-elements/countdown/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://optassets.ontraport.com/opt_assets/templates/custom-elements/countdown/countdown-v1.js
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/opt_assets/static/js/opt-assets.js?1631810410
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08f45fad15e1e5112e34644b29db6ed4d26173282ee7c639f095ea1d0fef928e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
content-encoding
br
cf-cache-status
EXPIRED
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-op-release
2
x-op-ca
10.2.80.206
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
x-op-class
optassets
cf-ray
68ff7f45eb6427a0-PRG
expires
Fri, 17 Sep 2021 08:12:36 GMT
205191.1011b412f71e1a1fc706d3a390d65efa.PNG
i.ontraport.com/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ontraport.com/205191.1011b412f71e1a1fc706d3a390d65efa.PNG
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f29024e6533cf32851f1be8def1893a13224ea97d37bba6285890023a173bf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
via
1.1 91afcef6d5c7e90d0a4bb2c3a456c691.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
30669
cf-polished
origSize=4069
x-cache
Miss from cloudfront
x-amz-request-id
CMZ9GPAVGN1N9K21
x-amz-id-2
cyUYdkCF8OFTLQfqYQCcGLHVPCDNiOY3IDZrXeJPOBUzoMCXR5l7sS86OgqjcnbvL31FR3RCCEE=
accept-ranges
bytes
last-modified
Tue, 25 May 2021 18:37:41 GMT
server
cloudflare
etag
"c619424706dc7f21227eca3b49dc530a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
expires
Sun, 19 Sep 2021 04:12:36 GMT
cache-control
public, max-age=172800
x-amz-cf-pop
PRG50-C1
content-length
3911
cf-ray
68ff7f460b7a27a0-PRG
x-amz-cf-id
TuLaiWhjLuTgaICzq73ECjDQoTgLICnWeI__S9UkOsNPZB6pPc4TnA==
cf-bgj
imgq:100,h2pri
205191.44d89b227195936984f4893970b5bec8.PNG
i.ontraport.com/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ontraport.com/205191.44d89b227195936984f4893970b5bec8.PNG
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2267303c44a9a4e6d4707315a7c7dcf5ed67eda0625a3c73887a0801b65563eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
via
1.1 0bb58964819755c192fe9c24c342bd1a.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
30669
cf-polished
origSize=19030
x-cache
Miss from cloudfront
x-amz-request-id
CMZ81F7HRA4S2XSH
x-amz-id-2
JK71PKo9JyJXR71V5Df6dAcVxy2QkQ6YJrXsKuuv1LSUz1cVRpq+5hWFfCbHOqh4i52YzHdRyg4=
accept-ranges
bytes
last-modified
Mon, 16 Aug 2021 15:54:16 GMT
server
cloudflare
etag
"2a861f0a9fc09d2aff2ff7117f967bfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
expires
Sun, 19 Sep 2021 04:12:36 GMT
cache-control
public, max-age=172800
x-amz-cf-pop
PRG50-C1
content-length
18835
cf-ray
68ff7f460b7c27a0-PRG
x-amz-cf-id
7ucftj_sVnax6zZtNDmH-d1bcSUxL7JLXItcMcuAZFYBoptdEgh2Hw==
cf-bgj
imgq:100,h2pri
205191.201c6b27392cd3f607d3ebd463de8272.PNG
i.ontraport.com/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ontraport.com/205191.201c6b27392cd3f607d3ebd463de8272.PNG
Requested by
Host: 1040.file-tax.net
URL: https://1040.file-tax.net/?First+Name=ted&Last+Name=vicha&Email=theodorev%40cctexas.com&Unique+ID=TSR000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.21.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a636645b3737950781932ab5bb1bd17355b9b02e4557ecb2a4dcf2d52b2d1e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:36 GMT
via
1.1 f3303a5632dc925c26253530523fa328.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
30668
cf-polished
origSize=231948
x-cache
Miss from cloudfront
x-amz-request-id
W1Q284HQJ7XZHTQ3
x-amz-id-2
GTMwenMh0UukUaBlet9rq3xvcIhKIPeglse4KICC47iY6l3/GVlwTUkV6mjH1Wc6Y6JttRTaowk=
accept-ranges
bytes
last-modified
Tue, 17 Aug 2021 12:29:58 GMT
server
cloudflare
etag
"358c375fbec66d4cdb212256cab1b463"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/png
access-control-allow-origin
*
expires
Sun, 19 Sep 2021 04:12:36 GMT
cache-control
public, max-age=172800
x-amz-cf-pop
PRG50-C1
content-length
186989
cf-ray
68ff7f460b7d27a0-PRG
x-amz-cf-id
GiTEfrm8e811KRwimbHghh0DdIHhn-qexQKIhzhRwoU4ioqgBYbMrw==
cf-bgj
imgq:100,h2pri
setup
helpdesk.file-tax.net/api/messenger/service/ 		18 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/api/messenger/service/setup
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/dyn-assets/pub/build/messenger/loader.js?v=1625500919
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9ae7a56b76eae764fdf507e097e3495e1f889c2894bab563f96c40bf6242557f
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
X-Content-Type-Options nosniff, nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:37 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-DP-LREF
25a9b4f1090f3dbef00b78315bf821ea
X-Request-ID
27197533-e44a7334159cff244016e0bef0a59bc39b40e58c1c12550421eac29120eb
Referrer-Policy
same-origin
Server
nginx
X-Cache-Debug
1
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://1040.file-tax.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
track.php
tracking.ontraport.com/ 		861 B
1007 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracking.ontraport.com/track.php?mid=205191_lp231.0_2&llc=https://1040.file-tax.net/?First%252BName=ted&Last%252BName=vicha&Email=theodorev%252540cctexas.com&Unique%252BID=TSR000&first_visit=1&referral_page=&s=t3f0vvqf5b7ts3pxyqps&l=1040.file-tax.net/&ti=&is_unique=1
Requested by
Host: optassets.ontraport.com
URL: https://optassets.ontraport.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
209.170.211.179 , United States, ASN13649 (ASN-VINS, US),
Reverse DNS
mail9.ontramail.com
Software
ONTRAport /
Resource Hash
79045a9e8c80d21be608088784374d236603299783961f11f764307d440dd73c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:36 GMT
Content-Encoding
gzip
X-op-class
hosted
Server
ONTRAport
X-op-release
2
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Content-Type
text/html
X-op-ca
216.131.114.169
asset-manifest.json
helpdesk.file-tax.net/assets/52221/pub/build/messenger/ 		535 B
758 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/asset-manifest.json?v=1625500919
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/dyn-assets/pub/build/messenger/loader.js?v=1625500919
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
50fb77285161508cca98cfb1f2e539e3dd3e671bf0e7ac4ed296917af26d10be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"60e45e62-217"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
runtime~main.9e81b2de.js
helpdesk.file-tax.net/assets/52221/pub/build/messenger/ Frame 9A34 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/runtime~main.9e81b2de.js
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/dyn-assets/pub/build/messenger/loader.js?v=1625500919
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e4ea52964733ab098307e338c6ea17db420e9c0e66909337f6686420f1d44f01

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"60e45e62-2bed"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
602.6fcb7fbe.chunk.js
helpdesk.file-tax.net/assets/52221/pub/build/messenger/ Frame 9A34 		617 KB
186 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/dyn-assets/pub/build/messenger/loader.js?v=1625500919
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
610cc9772c400bcf133dd868304582a617c2a9f99ee28e68d55dd3bc0b1e7572

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:37 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"60e45e62-9a23c"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
main.8df0c711.chunk.js
helpdesk.file-tax.net/assets/52221/pub/build/messenger/ Frame 9A34 		94 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/main.8df0c711.chunk.js
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/dyn-assets/pub/build/messenger/loader.js?v=1625500919
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6627622a89eb22c7f3dfa006382b179a05e5b229486bb7fc8552154c446718b6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:38 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"60e45e62-1766b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
translation
helpdesk.file-tax.net/api/messenger/service/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/api/messenger/service/translation?language=1
Protocol
HTTP/1.1
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
X-Content-Type-Options nosniff nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control
Origin
https://1040.file-tax.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Origin
Cache-Control
no-cache
Date
Fri, 17 Sep 2021 04:12:38 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, PUT, GET, DELETE
Access-Control-Allow-Headers
cache-control
Access-Control-Max-Age
3600
Access-Control-Allow-Origin
https://1040.file-tax.net
X-Content-Type-Options
nosniff nosniff
Content-Security-Policy
default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
X-Request-ID
27197533-18bc3336670cb3777e81626e608a31fcadb5446316c3ab544eead919c07d
X-DP-LREF
NOLIC
X-Cache-Debug
1
Referrer-Policy
same-origin
Content-Encoding
gzip
translation
helpdesk.file-tax.net/api/messenger/service/ Frame 9A34 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/api/messenger/service/translation?language=1
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
84fcb2ef05a0370adeb57dbd653a8a7c8866461115578b3fb7acb49b59a2a747
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
X-Content-Type-Options nosniff, nosniff

Request headers

Accept
application/json
Cache-Control
no-cache
Referer
https://1040.file-tax.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-DP-LREF
25a9b4f1090f3dbef00b78315bf821ea
X-Request-ID
27197533-aef643e1570fefc826b210fbfd786f9b963ab9f2d5e271c401de85ee748c
Referrer-Policy
same-origin
Server
nginx
X-Cache-Debug
1
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://1040.file-tax.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
info
helpdesk.file-tax.net/api/messenger/user/ Frame 9A34 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/api/messenger/user/info
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
09e0d55f1969cebd07d18dce41196551336fa10bef51ccd4879939d17f945da8
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
X-Content-Type-Options nosniff, nosniff

Request headers

Accept
application/json
Cache-Control
no-cache
Referer
https://1040.file-tax.net/
Accept-Language
de-DE,de;q=0.9
X-DESKPRO-VISITORID
27197532-KXJW3KKF-3TTJ320I-PC8I9K-ZBL
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:39 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff, nosniff
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-DP-LREF
25a9b4f1090f3dbef00b78315bf821ea
X-Request-ID
27197533-84bcef3325cd6355b48cc98dda031074bd0a0f790d876e81a5afb8ac9a47
Referrer-Policy
same-origin
Server
nginx
X-Cache-Debug
1
Allow
GET
Content-Type
application/json
Access-Control-Allow-Origin
https://1040.file-tax.net
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Content-Security-Policy
default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
info
helpdesk.file-tax.net/api/messenger/user/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/api/messenger/user/info
Protocol
HTTP/1.1
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
X-Content-Type-Options nosniff nosniff

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
cache-control,x-deskpro-visitorid
Origin
https://1040.file-tax.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Origin
Cache-Control
no-cache
Date
Fri, 17 Sep 2021 04:12:39 GMT
Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
POST, PUT, GET, DELETE
Access-Control-Allow-Headers
cache-control,x-deskpro-visitorid
Access-Control-Max-Age
3600
Access-Control-Allow-Origin
https://1040.file-tax.net
X-Content-Type-Options
nosniff nosniff
Content-Security-Policy
default-src 'self' blob:; script-src * data: 'unsafe-inline' 'unsafe-eval'; style-src * data: 'unsafe-inline'; img-src * data: blob:; font-src * data:; connect-src *; media-src * data: blob:; object-src *; worker-src * blob:; form-action *; frame-src *; frame-ancestors 'self'
X-Request-ID
27197533-b053b5e03f9d45f08435ade0b37c0e9530173638c2278544413dd40eba92
X-DP-LREF
NOLIC
X-Cache-Debug
1
Referrer-Policy
same-origin
Content-Encoding
gzip
unconvinced.mp3
helpdesk.file-tax.net/assets/52221/pub/build/messenger/assets/audio/ Frame 9A34 		24 KB
24 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/assets/audio/unconvinced.mp3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
89dd2a66511098829a42208010991f9c8bb499283bfa5a0b221b275a068a6560

Request headers

Referer
https://1040.file-tax.net/
Accept-Encoding
identity;q=1, *;q=0
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Sep 2021 04:12:38 GMT
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
ETag
"60e45e62-5eb1"
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
audio/mpeg
Content-Range
bytes 0-24240/24241
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
24241
0.d8918b45.chunk.js
helpdesk.file-tax.net/assets/52221/pub/build/messenger/ Frame 9A34 		227 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/0.d8918b45.chunk.js
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/runtime~main.9e81b2de.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"60e45e62-1b8b48"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
389.0f4825dd.chunk.js
helpdesk.file-tax.net/assets/52221/pub/build/messenger/ Frame 9A34 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/389.0f4825dd.chunk.js
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/runtime~main.9e81b2de.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
01daba378883106007bc7f34e32f649b171502f17ee3fcc8e89aa36f78cacde8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"60e45e62-2d54"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
css
fonts.googleapis.com/ Frame CF0F 		6 KB
602 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,400i,700,700i
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
ead57087ba9ef5d0dda00049e0c89c40987dd3a38aef3906959bf031e340e20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 03:44:45 GMT
server
ESF
date
Fri, 17 Sep 2021 04:12:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 04:12:39 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/ Frame CF0F 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.min.css
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
394603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4839
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-6857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WwjHZ92khxNMrFqTjkTePHsJXcNZOXhmunCD0LOV%2FlYiQqH4Wz3XOxAxp2GKxF1eTqj7Umko3xE3wHSipCaR%2FEUARsgvc9mtMw3Su%2BLvL8PF%2Bap7dVlLv8WkOfbGSf0K4jJzV7Q"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ff7f5dca662780-PRG
expires
Wed, 07 Sep 2022 04:12:39 GMT
froala_editor.pkgd.min.css
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.9.0/css/ Frame CF0F 		59 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/froala-editor/2.9.0/css/froala_editor.pkgd.min.css
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
6779eea147dd9942589898e51b445ae781a89eca9c54f2deae2b83502359b6c4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1926112
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
6691
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e6a-edfc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqnMTIUN%2BerBTR1iwAw9QORQOlug50VQdEFeFi7I9ioSZBAdxZXGQOGEA6CBV2XfBPIDUPI3SvjwG4VW7Ncrt0gU2gqVQ1gDUDm30Jn9sRHSmwb8a7TGMlmVpxQVYmojG8rLAgg4"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ff7f5dca672780-PRG
expires
Wed, 07 Sep 2022 04:12:39 GMT
froala_style.min.css
cdnjs.cloudflare.com/ajax/libs/froala-editor/2.9.0/css/ Frame CF0F 		8 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/froala-editor/2.9.0/css/froala_style.min.css
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
40a0254f28dfd2cb290865e090319533fc71d45309c87cb1d14a8162bdc9687f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 04:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
458276
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
1512
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:18 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e6a-1e96"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQok3rhNd3dabtEqWJ9TZOe6FlIGaPbWAZG4I4%2B1N1cntcs464dPG%2F2RfA4V7IL%2FOka3WPo7Z6TP6Sk0koy2fR5GHo7Ab7ylGaddhfmrP80b0HisN6dUhmQgIFbrvobCXvkgPGxq"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
68ff7f5dca682780-PRG
expires
Wed, 07 Sep 2022 04:12:39 GMT
styles.css
helpdesk.file-tax.net/assets/52221/pub/build/messenger/assets/ Frame CF0F 		163 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/assets/styles.css
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
160.1.97.239 Boardman, United States, ASN8987 (AMAZON EXPANSION, IE),
Reverse DNS
ec2-160-1-97-239.us-gov-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 04:12:39 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jul 2021 13:45:06 GMT
Server
nginx
ETag
W/"60e45e62-3dca2"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/css
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
css
fonts.googleapis.com/ Frame 897D 		6 KB
602 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,400i,700,700i
Requested by
Host: helpdesk.file-tax.net
URL: https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/602.6fcb7fbe.chunk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
ESF /
Resource Hash
ead57087ba9ef5d0dda00049e0c89c40987dd3a38aef3906959bf031e340e20b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://1040.file-tax.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 04:12:39 GMT
server
ESF
date
Fri, 17 Sep 2021 04:12:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 04:12:39 GMT
styles.css
helpdesk.file-tax.net/assets/52221/pub/build/messenger/assets/ Frame 897D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
helpdesk.file-tax.net
URL
https://helpdesk.file-tax.net/assets/52221/pub/build/messenger/assets/styles.css

Verdicts & Comments Add Verdict or Comment

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| DESKPRO_MESSENGER_OPTIONS function| DESKPRO_MESSENGER_INIT object| op string| _opt_lpid boolean| isONTRApage object| $jscomp object| $jscomp$this function| anime function| $ function| jQuery function| cash object| M object| Materialize function| Hammer object| desExport function| des function| des_createKeys function| stringToHex function| hexToString object| XD number| ACCOUNT_SIGNUP_ERROR number| CC_VERIFY_POST number| CC_VERIFY_SHOW_IFRAME number| CC_VERIFY_HIDE_IFRAME number| CC_VERIFY_GET_CC_DATA number| LOG_LEVEL_ERROR number| LOG_LEVEL_WARNING number| LOG_LEVEL_DEBUG string| PROTOCOL string| COUPON_PROCESS_DOMAIN boolean| IN_DEBUG_MODE string| FORM_PROCESS_DOMAIN string| CC_VERIFY_DOMAIN function| OPCapcha_filled function| OPCapcha_expired function| Globalize function| OptDateTimePicker string| _mri string| _mrsess_ undefined| _mr_cid object| _mrd string| _mrl object| _mrct string| _mr_ex string| _linktrack string| _mr_title string| _mrl_internal_url string| _mrl_internal_domain function| mrSetupActual function| mrtracking function| gC function| parseGetVars function| genmrSess function| _escapeT function| _mrGetLinkTo function| _sanitizeMrLink function| _mrScanLinks function| _mrTrackLink function| _mrReturnXmlHttpObject string| _mr_domain string| session string| possible object| OntraportCountdown boolean| DESKPRO_MESSENGER_LOADED object| _mrTrackLinks object| DeskProMessenger

11 Cookies

Domain/Path Name / Value
t.secureuserclk.com/ Name: sess_
Value: 0ymty8tmnj0bj7fphm
t.secureuserclk.com/ Name: contact_identity_id
Value: 69119
t.secureuserclk.com/ Name: contact_id
Value: 69119
tracking.ontraport.com/ Name: sess_
Value: 0ymty8tmnj0bj7fphm
1040.file-tax.net/ Name: contact_identity_id
Value: 69119
1040.file-tax.net/ Name: lpsplt_231
Value: 0
1040.file-tax.net/ Name: referral_page
Value:
1040.file-tax.net/ Name: vid
Value:
1040.file-tax.net/ Name: lastvisit
Value: 1631851956
tracking.ontraport.com/ Name: mr_src
Value: lp231
1040.file-tax.net/ Name: sess_
Value: 0ymty8tmnj0bj7fphm

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1040.file-tax.net
app.ontraport.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
helpdesk.file-tax.net
i.ontraport.com
optassets.ontraport.com
pro.fontawesome.com
t.secureuserclk.com
tracking.ontraport.com
helpdesk.file-tax.net
104.16.19.94
104.16.21.19
104.18.22.52
142.250.184.234
142.250.185.99
160.1.97.239
209.170.211.179
209.170.211.187
01daba378883106007bc7f34e32f649b171502f17ee3fcc8e89aa36f78cacde8
05a55848815c20ac9e0c5df2732b2ce6b0c12018dec636956bd3f792c06c4aeb
08f45fad15e1e5112e34644b29db6ed4d26173282ee7c639f095ea1d0fef928e
09e0d55f1969cebd07d18dce41196551336fa10bef51ccd4879939d17f945da8
0a938256d2de59b044f8ca7c7aa0c788ed2ffa9a48bf0e3930a5830c4298f509
0d07858c87a850cf0090eaa6b9901093f5639c320d10a4cdbe76a5012cc91976
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f29024e6533cf32851f1be8def1893a13224ea97d37bba6285890023a173bf8
1f4f7c256f63fd1bb8f0ccf26588cc395d6629b3eb35d4854e6ba6bc6342cf04
2267303c44a9a4e6d4707315a7c7dcf5ed67eda0625a3c73887a0801b65563eb
2a42cc82f30fbf25a268f6d5a10158e8312a838222da6847158ea4175fa289d4
2af905d92cfd34b5413126a54f639da408166cbbcb54318e413ad5e10b5bf6ec
2c2348bbc056a14a9cd62dadb8d461800a192e8ba636f803d0ffddd753977976
2c71745918d46e6af5586966f2f42d86f2941efd67fed12961b5d1cbb331d4bc
2d0e338e7f5a2525b7e8a023b45c7afa1e4c2f60527a8c78a7a658efada6ca20
398aeee3c266005c4cb1ba93d1de89f6ac06f24e491df3b02486900d8a79b11f
40a0254f28dfd2cb290865e090319533fc71d45309c87cb1d14a8162bdc9687f
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
49d52af7d62f3f8403d58c67ae1b90e4f23bdab8a4b1dc8b837e7a43e7207db2
50fb77285161508cca98cfb1f2e539e3dd3e671bf0e7ac4ed296917af26d10be
5b2e71175b2bb8e673e1734f746a6c951188ab955e25d886aeda2b8c09569e5c
5e216637f4a7df41f3b559d1998bcb11854d5c05f6b7fed6327c428c33e2cb93
610cc9772c400bcf133dd868304582a617c2a9f99ee28e68d55dd3bc0b1e7572
6627622a89eb22c7f3dfa006382b179a05e5b229486bb7fc8552154c446718b6
6779eea147dd9942589898e51b445ae781a89eca9c54f2deae2b83502359b6c4
73a9c7944ce696c3622189e2f0706ccb9b9033b10f707414fe0ae14be6d68f08
79045a9e8c80d21be608088784374d236603299783961f11f764307d440dd73c
7a636645b3737950781932ab5bb1bd17355b9b02e4557ecb2a4dcf2d52b2d1e6
84fcb2ef05a0370adeb57dbd653a8a7c8866461115578b3fb7acb49b59a2a747
89dd2a66511098829a42208010991f9c8bb499283bfa5a0b221b275a068a6560
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9ae7a56b76eae764fdf507e097e3495e1f889c2894bab563f96c40bf6242557f
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
b93b9165269362989e2855d0bf0ae232d7193a45c43627b2d03b26d7eb98263b
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d3a518dea876de39f9e5dc1ffcdeb6c661aee25d8a62474386b664ef3bf1b40f
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
e1a54c68b4bae0002cefe67bb68516126bde39b5b0d4477134670cc26d161d75
e4ea52964733ab098307e338c6ea17db420e9c0e66909337f6686420f1d44f01
ead57087ba9ef5d0dda00049e0c89c40987dd3a38aef3906959bf031e340e20b
ef00ced2ae9ae7aa67e5990b48f9ccbd64fb1567a78843e1be2e0b9166014771
f697537edc72c0764b1ff7e9f1d3e21f601d82afb169ca435fc3e7f1a3af2415
f99a9ff906f8f3e1831aa53bc5c02798b419c04fe05b915af37f28af38305432