Submitted URL: http://986329828437975.karbalakh.uk.com/rd/c17455QUPpi194642QnJd30452Wzr14899oIvD12
Effective URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Submission: On July 12 via manual from US — Scanned from US

Summary

This website contacted 19 IPs in 2 countries across 18 domains to perform 64 HTTP transactions. The main IP is 205.186.142.74, located in Ashburn, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.1800freshtax.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 17th 2022. Valid for: a year.
This is the only time www.1800freshtax.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
26 cloudfront.net
d2o7mpkastex00.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
282 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
428 KB
5 leadid.com
create.leadid.com
3 KB
5 1800freshtax.com
www.1800freshtax.com
102 KB
2 visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 4532
2 KB
2 callerready.com
widget.callerready.com
click.callerready.com
12 KB
2 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1032
31 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 88
ajax.googleapis.com — Cisco Umbrella Rank: 433
31 KB
2 uk.com
986329828437975.karbalakh.uk.com
638 B
1 trueleadid.com
deviceid.trueleadid.com
2 KB
1 lidstatic.com
create.lidstatic.com
39 KB
1 gstatic.com
fonts.gstatic.com
48 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 274
7 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 749
8 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 1191
48 KB
1 mlf-1800-trk.com
mlf-1800-trk.com
762 B
1 catophelm.com
www.catophelm.com
346 B
64 18
Domain Requested by
25 d2o7mpkastex00.cloudfront.net www.1800freshtax.com
d2o7mpkastex00.cloudfront.net
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
6 www.googletagmanager.com www.1800freshtax.com
www.googleoptimize.com
www.googletagmanager.com
www.google-analytics.com
5 create.leadid.com create.lidstatic.com
deviceid.trueleadid.com
5 www.1800freshtax.com 986329828437975.karbalakh.uk.com
www.1800freshtax.com
2 dev.visualwebsiteoptimizer.com www.1800freshtax.com
2 maxcdn.bootstrapcdn.com www.1800freshtax.com
2 986329828437975.karbalakh.uk.com 1 redirects
1 deviceid.trueleadid.com d2m2wsoho8qq12.cloudfront.net
1 d2m2wsoho8qq12.cloudfront.net create.lidstatic.com
1 create.lidstatic.com www.1800freshtax.com
1 click.callerready.com ajax.googleapis.com
1 fonts.gstatic.com fonts.googleapis.com
1 widget.callerready.com www.1800freshtax.com
1 cdnjs.cloudflare.com www.1800freshtax.com
1 ajax.googleapis.com www.1800freshtax.com
1 code.jquery.com www.1800freshtax.com
1 fonts.googleapis.com www.1800freshtax.com
1 www.googleoptimize.com www.1800freshtax.com
1 mlf-1800-trk.com 1 redirects
1 www.catophelm.com 1 redirects
64 21

This site contains links to these domains. Also see Links.

Domain
www.optout-trk.info
Subject Issuer Validity Valid
1800freshtax.com
Go Daddy Secure Certificate Authority - G2
2022-08-17 -
2023-09-18
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-12-30 -
2023-12-30
a year crt.sh
*.callerready.com
Go Daddy Secure Certificate Authority - G2
2023-03-07 -
2024-04-07
a year crt.sh
*.visualwebsiteoptimizer.com
Starfield Secure Certificate Authority - G2
2023-07-06 -
2024-07-06
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-06-19 -
2023-09-11
3 months crt.sh
lidstatic.com
Cloudflare Inc ECC CA-3
2023-02-28 -
2024-02-28
a year crt.sh
create.leadid.com
Amazon RSA 2048 M02
2023-02-23 -
2023-10-19
8 months crt.sh
deviceid.trueleadid.com
Amazon RSA 2048 M02
2023-02-24 -
2024-01-06
10 months crt.sh

This page contains 3 frames:

Primary Page: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Frame ID: 6F5A780EB8D6359F90798C916338758E
Requests: 61 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=655AD47E-C37D-3C67-256D-00FBE29443A2&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Frame ID: 7B4A744F044CE61E103B80E553897319
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=655AD47E-C37D-3C67-256D-00FBE29443A2&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Frame ID: 9D89A1D4CCDC840567A146DB170C4DCC
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

1800freshtax

Page URL History Show full URLs

  1. http://986329828437975.karbalakh.uk.com/rd/c17455QUPpi194642QnJd30452Wzr14899oIvD12 Page URL
  2. http://986329828437975.karbalakh.uk.com/track/c17455QUPpi194642QnJd30452Wzr14899oIvD12 HTTP 302
    https://www.catophelm.com/xDfN8QtV2_GhBE8fWQ8zNiNSi9NwJUP7LZzH0QqkKhcfsjF8GtBWFlk25pyDNf8xgrNNARJByQ_K... HTTP 302
    https://mlf-1800-trk.com/?a=44&oc=706&c=617&s1=822737&s2=732606229 HTTP 302
    https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

64
Requests

98 %
HTTPS

52 %
IPv6

18
Domains

21
Subdomains

19
IPs

2
Countries

1065 kB
Transfer

2636 kB
Size

17
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://986329828437975.karbalakh.uk.com/rd/c17455QUPpi194642QnJd30452Wzr14899oIvD12 Page URL
  2. http://986329828437975.karbalakh.uk.com/track/c17455QUPpi194642QnJd30452Wzr14899oIvD12 HTTP 302
    https://www.catophelm.com/xDfN8QtV2_GhBE8fWQ8zNiNSi9NwJUP7LZzH0QqkKhcfsjF8GtBWFlk25pyDNf8xgrNNARJByQ_Kc08IhjEBLQ~~/14/128-17455/194642-30452-14899 HTTP 302
    https://mlf-1800-trk.com/?a=44&oc=706&c=617&s1=822737&s2=732606229 HTTP 302
    https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

64 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
c17455QUPpi194642QnJd30452Wzr14899oIvD12
986329828437975.karbalakh.uk.com/rd/
243 B
360 B
Document
General
Full URL
http://986329828437975.karbalakh.uk.com/rd/c17455QUPpi194642QnJd30452Wzr14899oIvD12
Protocol
HTTP/1.1
Server
66.85.79.85 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
lfokfirikgo.com
Software
/
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
en-US,en;q=0.9

Response headers

Content-Length
243
Content-Type
text/html; charset=utf-8
Date
Wed, 12 Jul 2023 18:36:29 GMT
Primary Request /
www.1800freshtax.com/v6/
Redirect Chain
  • http://986329828437975.karbalakh.uk.com/track/c17455QUPpi194642QnJd30452Wzr14899oIvD12
  • https://www.catophelm.com/xDfN8QtV2_GhBE8fWQ8zNiNSi9NwJUP7LZzH0QqkKhcfsjF8GtBWFlk25pyDNf8xgrNNARJByQ_Kc08IhjEBLQ~~/14/128-17455/194642-30452-14899
  • https://mlf-1800-trk.com/?a=44&oc=706&c=617&s1=822737&s2=732606229
  • https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
84 KB
21 KB
Document
General
Full URL
https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Requested by
Host: 986329828437975.karbalakh.uk.com
URL: http://986329828437975.karbalakh.uk.com/rd/c17455QUPpi194642QnJd30452Wzr14899oIvD12
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.186.142.74 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
s828-5scj.accessdomain.com
Software
nginx / PleskLin PleskLin
Resource Hash
dd773dd7d0a2c943d04219651c766ff07c0aec629c29d453f53e590ea5e73912

Request headers

Referer
http://986329828437975.karbalakh.uk.com/rd/c17455QUPpi194642QnJd30452Wzr14899oIvD12
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 12 Jul 2023 18:36:32 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx
Transfer-Encoding
chunked
Vary
User-Agent,Accept-Encoding
X-Powered-By
PleskLin PleskLin

Redirect headers

cache-control
private
content-length
252
content-type
text/html; charset=utf-8
date
Wed, 12 Jul 2023 18:36:31 GMT
location
https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
optimize.js
www.googleoptimize.com/
121 KB
48 KB
Script
General
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-ND5LCJM
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3f5f2608b2da67bef1399540829e32eca250a31c6369f3b13deba9ef380b472e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48285
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jul 2023 18:36:33 GMT
js
www.googletagmanager.com/gtag/
231 KB
81 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9SYN31N4S3
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b5f16bc6572e28b7d815ce6eff2ced8f05c92f0f305c57c25911ed39360be3a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82753
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jul 2023 18:36:33 GMT
css
fonts.googleapis.com/
11 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 18:36:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jul 2023 18:36:33 GMT
jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/
35 KB
8 KB
Stylesheet
General
Full URL
https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-8c85"
surrogate-control
max-age=315360000;hw-h2proxy
vary
Accept-Encoding
x-hw
1689186993.cdn4-pxy203-mia02.mi1.evs,1689186993.cds206.mi1.c
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000,public
accept-ranges
bytes
content-length
8323
style-min.css
d2o7mpkastex00.cloudfront.net/ft/css/
20 KB
4 KB
Stylesheet
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/css/style-min.css
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
eb656dbc55f69560deaf933a05f6169651c8e9e5d8930b402d4b95cc0a85850f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Thu, 06 Jul 2023 06:49:37 GMT
content-encoding
br
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jul 2023 06:22:03 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
560816
etag
W/"64a65d8b-5129"
x-powered-by
PleskLin
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000
x-amz-cf-id
olBhwea9nw0Bu_XU4vSMLfDEfj0bqwLcK_0XNH4tAtGHrCc0JF5qfA==
expires
Sat, 05 Aug 2023 06:49:37 GMT
app-min.css
d2o7mpkastex00.cloudfront.net/ft/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/css/app-min.css
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
460bd1bfc965a4c336dca9377e97ee62b82e2d0da052c69a0d7b50de2a68b894

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Fri, 30 Jun 2023 11:21:59 GMT
content-encoding
br
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:26:20 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
1062874
etag
W/"5dee3d6c-150b"
x-powered-by
PleskLin
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000
x-amz-cf-id
TQM798wNcid6yLtXG-TsKpWmZqGiuBbcecO_aSdXTmmhE2MMlRFxGQ==
expires
Sun, 30 Jul 2023 11:21:59 GMT
mainstyles-min.css
d2o7mpkastex00.cloudfront.net/ft/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/css/mainstyles-min.css
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c92bd0e61b5a9a387d6dcdac17a8e8fbf2944fe8775ef6ed6b021c0f21355dfc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 05 Jul 2023 17:55:26 GMT
content-encoding
br
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jul 2021 06:58:04 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
607267
etag
W/"60ee8afc-2016"
x-powered-by
PleskLin
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000
x-amz-cf-id
dz8weQ3CmcrP3BFdpjUppNik8-NxYlbeItvC14llxZYTBN10H8u9Ag==
expires
Fri, 04 Aug 2023 17:55:26 GMT
foundation-min.css
d2o7mpkastex00.cloudfront.net/ft/css/
61 KB
11 KB
Stylesheet
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/css/foundation-min.css
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
67598d00b974bf1e6f6dab4debb0fc561999dc3ebb99c5fa910ab09a7dc427e4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 05 Jul 2023 22:09:19 GMT
content-encoding
br
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:26:24 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
592034
etag
W/"5dee3d70-f59d"
x-powered-by
PleskLin
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=2592000
x-amz-cf-id
yJPlNnCzsPSXKN5ZxTp8GjzcQTJWwC6eBjOS3JhUXXZwW12XS-z8yg==
expires
Fri, 04 Aug 2023 22:09:19 GMT
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/
118 KB
20 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.1800freshtax.com/
Origin
https://www.1800freshtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
625
age
2055971
cdn-cachedat
06/12/2023 20:15:01
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver
1.03
cdn-requestpullcode
200
server
cloudflare
etag
W/"2f624089c65f12185e79925bc5a7fc42"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
fa445456b88023d1ae9f1a3b1304de56
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7e5b64738f9e6de0-MIA
cdn-requestpullsuccess
True
stylev6.css
www.1800freshtax.com/v6/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://www.1800freshtax.com/v6/css/stylev6.css
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.186.142.74 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
s828-5scj.accessdomain.com
Software
nginx / PleskLin
Resource Hash
2b5176c0fcfe66f98d81a6156eeb75b8ebcb68eb1048ced84e99d40042b448a7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Wed, 12 Jul 2023 18:36:33 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Dec 2022 05:57:12 GMT
Server
nginx
ETag
W/"63abdab8-a95"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 11 Aug 2023 18:36:33 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80e::200a Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 14:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
15025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 11 Jul 2024 14:26:08 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/
36 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
878
age
8465811
cdn-cachedat
09/04/2022 07:20:46
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"5869c96cc8f19086aee625d670d741f9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
6780c988b4031198ae4080b6d417b742
timing-allow-origin
*
cdn-requestcountrycode
US
cdn-status
200
cf-ray
7e5b64738eddda6f-MIA
cdn-requestpullsuccess
True
jquery.validate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/
22 KB
7 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/jquery.validate.min.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
418965
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6511
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-58a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2FTMjfpcBYcXZFiICWcMsZmN8wAZLWRxUk79ewHGJ%2FQoYdcT8ibriEpwiJrBl6V8DXtqF1C3V%2BuhLMLogkgxD%2BwX5aeVimS%2By7UUv%2Bgchn5go9y9vzdCaj0RRWozhePE35mS9Vt1ldJUbHzM8SdhBtpB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7e5b64738b5d6dc8-MIA
expires
Mon, 01 Jul 2024 18:36:33 GMT
main-min.js
d2o7mpkastex00.cloudfront.net/ft/js/
3 KB
2 KB
Script
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/js/main-min.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6dabe34d520aa6431c126cf4665649b7c1a10dfce19ecf50821e3a82c8c4e633

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 19 Jun 2023 17:32:07 GMT
content-encoding
gzip
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Fri, 01 Apr 2022 07:41:14 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
1991066
etag
W/"6246ac9a-bc6"
x-powered-by
PleskLin
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=2592000
x-amz-cf-id
QzGqepX5a-WGu5gK7t7_KKOIoCuJIXkKpkiBaC-06HgJarmA6rJBow==
expires
Wed, 19 Jul 2023 17:32:07 GMT
jquery-ui-min.js
d2o7mpkastex00.cloudfront.net/ft/js/
315 KB
71 KB
Script
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/js/jquery-ui-min.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c7e11fff3a33e79475aff7b7b9380d35dc2c17f5b3c0b23bc691244375a26877

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 19 Jun 2023 03:13:09 GMT
content-encoding
br
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:27:22 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
2042604
etag
W/"5dee3daa-4ebf0"
x-powered-by
PleskLin
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=2592000
x-amz-cf-id
c69DFmm4SwxCNycU9t7tddqpQYPxGTSl-9vT_lO-18oCNprDzg3AYA==
expires
Wed, 19 Jul 2023 03:13:09 GMT
jquery.ui.touch-punch-min.js
d2o7mpkastex00.cloudfront.net/ft/js/
2 KB
893 B
Script
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/js/jquery.ui.touch-punch-min.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c2655b7ffc132350f07c4fb90e03c3eb294967bd722c056a39a2ef898d162b9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Sat, 08 Jul 2023 01:25:17 GMT
content-encoding
br
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:27:19 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
407476
etag
W/"5dee3da7-675"
x-powered-by
PleskLin
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=2592000
x-amz-cf-id
Y_66TEsWPnmopPjn9UdllfnB0SvkoAwe4FvS_ONP8ZMRqAGrxIwxOA==
expires
Mon, 07 Aug 2023 01:25:17 GMT
jquery.maskedinput.min.js
www.1800freshtax.com/js/
3 KB
2 KB
Script
General
Full URL
https://www.1800freshtax.com/js/jquery.maskedinput.min.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.186.142.74 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
s828-5scj.accessdomain.com
Software
nginx / PleskLin
Resource Hash
a116f3ff289161a2499ad11d24b555e4beaaf050d026ed438c77dc8787ad892c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Wed, 12 Jul 2023 18:36:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Oct 2018 07:53:47 GMT
Server
nginx
ETag
W/"5bcd820b-df1"
X-Powered-By
PleskLin
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=2592000
Connection
keep-alive
Expires
Fri, 11 Aug 2023 18:36:33 GMT
1800-FT-logo.png
d2o7mpkastex00.cloudfront.net/ft/images/
5 KB
5 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/1800-FT-logo.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
f77d85c897b2a0f3ac2e9104fa12e0a12b7c5250de67d99bb708ce950b26d72c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:26:28 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"5dee3d74-130f"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
4879
x-amz-cf-id
Hi8OjvuCZYj3vYm4d_7PUp-weWEw6dq3xJsD55lpQlb6ux3NQkeUpQ==
expires
Tue, 09 Apr 2024 16:50:38 GMT
btn-next-arrow.png
d2o7mpkastex00.cloudfront.net/ft/images/
270 B
686 B
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/btn-next-arrow.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin, PleskLin
Resource Hash
b3d83eb4d675b242a10a39e82b5b0e3f11af3cc85472fc9cfb3d446db379ae41

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
8041555
x-powered-by
PleskLin, PleskLin
x-cache
Hit from cloudfront
content-length
270
last-modified
Mon, 09 Dec 2019 12:26:32 GMT
server
nginx
x-accel-version
0.01
etag
"850ff-10e-599448170cbc2"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
aYVPC5u00VDr-LciHFnSZVlJSHrekvkLa9PR276PxTrY2gMnXGqnvg==
expires
Tue, 09 Apr 2024 16:50:38 GMT
millin.png
www.1800freshtax.com/ft/images/
29 KB
29 KB
Image
General
Full URL
https://www.1800freshtax.com/ft/images/millin.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.186.142.74 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
s828-5scj.accessdomain.com
Software
nginx / PleskLin
Resource Hash
f94e8943168a5755374371f3781f0906b89673d1947c3296374af202681fd485

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Wed, 12 Jul 2023 18:36:33 GMT
Last-Modified
Fri, 07 May 2021 11:58:43 GMT
Server
nginx
ETag
"60952b73-7428"
X-Powered-By
PleskLin
Content-Type
image/png
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29736
Expires
Thu, 11 Jul 2024 18:36:33 GMT
progress-step-2.png
d2o7mpkastex00.cloudfront.net/v6/progress-step/
2 KB
3 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/v6/progress-step/progress-step-2.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
40f5141182a2c5b97de2aa58de389489c5d100427b24001bcf844cd42dc150ee

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:03:22 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"60e6db7a-981"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2433
x-amz-cf-id
hIi0Ei2xlwnQDUeTpBCDDSMCe8LhR8-FXS0p7mcLhd-raqziW3PGcQ==
expires
Tue, 09 Apr 2024 16:50:38 GMT
progress-step-3.png
d2o7mpkastex00.cloudfront.net/v6/progress-step/
2 KB
3 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/v6/progress-step/progress-step-3.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
fe7fd66363473caf7a8967182fb81433f10f9c116e0d866de5e37bc5fb275274

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:03:23 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"60e6db7b-99a"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2458
x-amz-cf-id
BBY3yiKu1PHcB7geQfTcuPGXj4DHWUW8FF_LmP0dVYwLMYtlCJ3prg==
expires
Tue, 09 Apr 2024 16:50:38 GMT
progress-step-4.png
d2o7mpkastex00.cloudfront.net/v6/progress-step/
2 KB
3 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/v6/progress-step/progress-step-4.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
b79b3ef4e5f06427d7365084d24a053dd2083cdd715078714b22cab780d360a9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:03:24 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"60e6db7c-954"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2388
x-amz-cf-id
2ERZzu3TI1lzZw7ZSJsxpOzy9gXvju5OZX9sR9BlCn9WgBkqjg2GWg==
expires
Tue, 09 Apr 2024 16:50:38 GMT
progress-step-5.png
d2o7mpkastex00.cloudfront.net/v6/progress-step/
2 KB
3 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/v6/progress-step/progress-step-5.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
e0dec67d7f6a5d7a5be384394823ccf068081b53fffc9a2f401c2854172aa3b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:03:25 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"60e6db7d-984"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2436
x-amz-cf-id
YQPoENPm0Ibq-thX6eLZ6CRGLcxckJn4dAK9VfnurMWcXE9Cxil3KQ==
expires
Tue, 09 Apr 2024 16:50:38 GMT
progress-step-6.png
d2o7mpkastex00.cloudfront.net/v6/progress-step/
2 KB
3 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/v6/progress-step/progress-step-6.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
53c4b2ebaa07c863702b24fd86ca7b58ee1439df0542193d9e6dfb0ced22e931

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:03:26 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"60e6db7e-987"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2439
x-amz-cf-id
tcn-hGMwKsUZ6ptWpoMhLBRqFeXb2ZwQctN2FTjxHdiDMwTW_tashQ==
expires
Tue, 09 Apr 2024 16:50:38 GMT
progress-step-7.png
d2o7mpkastex00.cloudfront.net/v6/progress-step/
2 KB
3 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/v6/progress-step/progress-step-7.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
00b163837bdffe843ba31ecd012abd91b9b7ab5cad1672e314bd1c8f54b923ed

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:03:27 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"60e6db7f-948"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2376
x-amz-cf-id
vlP1xbViBjKepyFYNvwPx4T68zdDpOMMKfkBzS-Zjlpsa08eMiax4Q==
expires
Tue, 09 Apr 2024 16:50:38 GMT
privacy-icon.png
d2o7mpkastex00.cloudfront.net/ft/images/
230 B
645 B
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/privacy-icon.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin, PleskLin
Resource Hash
7faf18a15b51016a923fd3218a9a069bcec17bfb22f7324f1a7e7507e62755b2

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
8041555
x-powered-by
PleskLin, PleskLin
x-cache
Hit from cloudfront
content-length
230
last-modified
Mon, 09 Dec 2019 12:26:54 GMT
server
nginx
x-accel-version
0.01
etag
"850e2-e6-5994482c4115b"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
w7uQ1zc3rfhWC88tXOM_j3TQOUM1MOqu1kz84JB0oGEF5hi-0vCzFw==
expires
Tue, 09 Apr 2024 16:50:38 GMT
progress-step-8.png
d2o7mpkastex00.cloudfront.net/v6/progress-step/
2 KB
2 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/v6/progress-step/progress-step-8.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
c0369ae3fd09bc4a3e314514d85107b05a821365270d28309f0b7289b1098e0c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jul 2021 11:03:28 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"60e6db80-863"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2147
x-amz-cf-id
28cC97JEY9xH5T1uhYRXuAxO9OPbEq5PQJhbNregXjWsoaE9m5J8xA==
expires
Tue, 09 Apr 2024 16:50:38 GMT
interested2.png
d2o7mpkastex00.cloudfront.net/ft/images/
910 B
1 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/interested2.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin, PleskLin
Resource Hash
2d6ffecda38c9f0bfde9f782f479b14792fdd89547f81887924b3bd35a93012c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
8041555
x-powered-by
PleskLin, PleskLin
x-cache
Hit from cloudfront
content-length
910
last-modified
Mon, 09 Dec 2019 12:39:10 GMT
server
nginx
x-accel-version
0.01
etag
"850e1-38e-59944aea09a45"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
S9KJdR0FqVVaDSDptGtt3IMktcCvL8KHOQ-J5-9luB4zDXps1I-Okw==
expires
Tue, 09 Apr 2024 16:50:38 GMT
interested3.png
d2o7mpkastex00.cloudfront.net/ft/images/
2 KB
3 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/interested3.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
1046706d46cc32596cf432a0809fc503c3d1140956323e43315c7bd8d52a0013

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:26:47 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"5dee3d87-935"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2357
x-amz-cf-id
oo2FvbembTK0ewZTxtOun5IpG_gSp_VvPACwcV0-a7lJioNB7gS48Q==
expires
Tue, 09 Apr 2024 16:50:38 GMT
interested4.png
d2o7mpkastex00.cloudfront.net/ft/images/
693 B
1 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/interested4.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin, PleskLin
Resource Hash
bd112480aef812fa57aafa2870dcc41f584ce8f97244d76bd87ba280387948d9

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
8041555
x-powered-by
PleskLin, PleskLin
x-cache
Hit from cloudfront
content-length
693
last-modified
Mon, 09 Dec 2019 12:26:48 GMT
server
nginx
x-accel-version
0.01
etag
"850f0-2b5-599448271ce45"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xBE2pbDw-8XYEFoPlCXyBQqbR2UjtP2p5L2Vg54bzovRrP-2AgQGFw==
expires
Tue, 09 Apr 2024 16:50:38 GMT
interested1.png
d2o7mpkastex00.cloudfront.net/ft/images/
852 B
1 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/interested1.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin, PleskLin
Resource Hash
4e2c2bc0af39b00af5c84730718dc0c35b9adcb5906bff94e5ab47de98db5d10

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
8041555
x-powered-by
PleskLin, PleskLin
x-cache
Hit from cloudfront
content-length
852
last-modified
Mon, 09 Dec 2019 12:26:46 GMT
server
nginx
x-accel-version
0.01
etag
"85100-354-59944825299cd"
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
3XsVVCDxSZDrZbV_n9lkfHHJtMk6CNBw_NI8nBqC2IwkRfSaS2hgOQ==
expires
Tue, 09 Apr 2024 16:50:38 GMT
tax.png
d2o7mpkastex00.cloudfront.net/ft/images/
12 KB
12 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/tax.png
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
3a41fc34b77adc60eb5e70ae86e0b48b7e19ec460b6fb1b04433b88bb402270b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:26:59 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"5dee3d93-2f2c"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
content-length
12076
x-amz-cf-id
XdR7FsAxx31RmsKyDkiPIFeNzA952Cc15--uyeDWhvPSh7rffbcIrQ==
expires
Tue, 09 Apr 2024 16:50:38 GMT
fresh_start.jpg
d2o7mpkastex00.cloudfront.net/ft/images/
61 KB
62 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/fresh_start.jpg
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
182b3c9279b94d2a1dcbf7d3ae88ee831c5f592578e9052aab99dc9f77d92b90

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:26:37 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"5dee3d7d-f5e9"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
62953
x-amz-cf-id
qZHOpriVP6KMPhGHLy4u9lGaGU5cEnbfs1vk9L3u7bQJBzYYzed1vw==
expires
Tue, 09 Apr 2024 16:50:38 GMT
please_wait.gif
www.1800freshtax.com/ft/images/
48 KB
48 KB
Image
General
Full URL
https://www.1800freshtax.com/ft/images/please_wait.gif
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
205.186.142.74 Ashburn, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
s828-5scj.accessdomain.com
Software
nginx / PleskLin
Resource Hash
9090cdece60946d0d2a27020967d395d313fe21201060a1688903bc8c48ef511

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

Date
Wed, 12 Jul 2023 18:36:33 GMT
Last-Modified
Mon, 22 Oct 2018 07:54:45 GMT
Server
nginx
ETag
"5bcd8245-bece"
X-Powered-By
PleskLin
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
48846
Expires
Thu, 11 Jul 2024 18:36:33 GMT
cr_ringpool_2_0.js
widget.callerready.com/include/scripts/
11 KB
11 KB
Script
General
Full URL
https://widget.callerready.com/include/scripts/cr_ringpool_2_0.js
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.67.78.181 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-67-78-181.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8b778960c97ef39c87b9d5f8d5dacb1bede0f343356a9037424777a314421256

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
last-modified
Mon, 26 Oct 2020 12:46:12 GMT
server
Microsoft-IIS/10.0
etag
"0c2fafb95abd61:0"
x-powered-by
ASP.NET
content-type
application/javascript
accept-ranges
bytes
content-length
11006
js
www.googletagmanager.com/gtag/
228 KB
80 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9SYN31N4S3&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-ND5LCJM
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
671991e49cc2e56abf7d76b81fdc238071dd52211226ccb6cc4e8e3da70c9edb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81831
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jul 2023 18:36:33 GMT
js
www.googletagmanager.com/gtag/
177 KB
64 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-232346502-3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9SYN31N4S3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e815dbccd59c3a5f13c9c7517a3aeaccc57822d0a712ee1ee293738716cc934d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65716
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jul 2023 18:36:33 GMT
collect
www.google-analytics.com/g/
0
258 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9SYN31N4S3&gtm=45je37a0&_p=1664234345&cid=1598218210.1689186994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689186993&sct=1&seg=0&dl=https%3A%2F%2Fwww.1800freshtax.com%2Fv6%2F%3Freqid%3D23327887%26affid%3D44%26a%3D44%26cpAFID%3D44%26cpSID%3D822737%26s1%3D822737%26cpSID2%3D732606229&dr=http%3A%2F%2F986329828437975.karbalakh.uk.com%2F&dt=1800freshtax&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9SYN31N4S3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 18:36:33 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.1800freshtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j.php
dev.visualwebsiteoptimizer.com/
3 KB
2 KB
Script
General
Full URL
https://dev.visualwebsiteoptimizer.com/j.php?a=721277&u=https%3A%2F%2Fwww.1800freshtax.com%2Fv6%2F%3Freqid%3D23327887%26affid%3D44%26a%3D44%26cpAFID%3D44%26cpSID%3D822737%26s1%3D822737%26cpSID2%3D732606229&f=1&vn=1.5
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gsc1 /
Resource Hash
d6f6214b87900527d53d3d54b38e7ce935d97204f84d707ada1c1d697014c7e7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
gzip
via
1.1 google
server
gsc1
etag
W/"1689158114_EA"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0, no-cache, must-revalidate
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
gtm.js
www.googletagmanager.com/
126 KB
48 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX6634H
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e4e6ae6f597e7f2b461c64b47bfbd34c862f8f29ff1a27ecfe7615eb131ad8da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49476
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 12 Jul 2023 18:36:33 GMT
full-inner-box-bg.jpg
d2o7mpkastex00.cloudfront.net/ft/images/
32 KB
32 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/full-inner-box-bg.jpg
Requested by
Host: d2o7mpkastex00.cloudfront.net
URL: https://d2o7mpkastex00.cloudfront.net/ft/css/style-min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
692754f24d20f154f45e6f1abcc5ede911f03018c0d9cca0bd967845456b82ab

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2o7mpkastex00.cloudfront.net/ft/css/style-min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:26:39 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"5dee3d7f-7ff2"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
32754
x-amz-cf-id
lJ0knl8WA6i9J3CZvW51em3HFdGyMm_2SS-_6vTX4wHmxn9oe13SCw==
expires
Tue, 09 Apr 2024 16:50:38 GMT
truth.jpg
d2o7mpkastex00.cloudfront.net/ft/images/
49 KB
50 KB
Image
General
Full URL
https://d2o7mpkastex00.cloudfront.net/ft/images/truth.jpg
Requested by
Host: d2o7mpkastex00.cloudfront.net
URL: https://d2o7mpkastex00.cloudfront.net/ft/css/app-min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2510:8e00:10:241a:e400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6885319e8e161c170f0317832e749966b44dee85396ec5c9e8110f9dbee97b32

Request headers

accept-language
en-US,en;q=0.9
Referer
https://d2o7mpkastex00.cloudfront.net/ft/css/app-min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Mon, 10 Apr 2023 16:50:38 GMT
via
1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
last-modified
Mon, 09 Dec 2019 12:27:04 GMT
server
nginx
x-amz-cf-pop
JFK50-P5
age
8041555
etag
"5dee3d98-c550"
x-powered-by
PleskLin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
content-length
50512
x-amz-cf-id
zCVw18D0P2UALFJl_gGr5Z_Y2qhN5eloJSf-zHFsUMN3Ln3AZUe75w==
expires
Tue, 09 Apr 2024 16:50:38 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.1800freshtax.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Tue, 11 Jul 2023 22:34:53 GMT
x-content-type-options
nosniff
age
72100
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Jul 2024 22:34:53 GMT
v.gif
dev.visualwebsiteoptimizer.com/
35 B
348 B
Image
General
Full URL
https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=721277&d=1800freshtax.com&u=D5961B38CD046717B0BE26BB9C1970604&h=c5cba7e8ad9fdd9a1c1cb80fed6e81ad&t=false&r=0.3948592087046692
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.102.137 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
137.102.96.34.bc.googleusercontent.com
Software
gnv3c /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 18:36:33 GMT
via
1.1 google
x-content-type-options
nosniff
server
gnv3c
content-type
image/gif
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 10 Jan 2005 00:00:01 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX6634H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 12 Jul 2023 17:56:36 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2398
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 12 Jul 2023 19:56:36 GMT
js
www.googletagmanager.com/gtag/
225 KB
78 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KM1R7H42HL&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-232346502-3&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d8630e99a70328846c533190299be293e245532cd2d0158149fcb5d0e64ad364
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80152
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jul 2023 18:36:34 GMT
ringpoolclick.aspx
click.callerready.com/
20 B
313 B
XHR
General
Full URL
https://click.callerready.com/ringpoolclick.aspx?ClientGuid=8726B511-5E23-4DA7-9E46-13AB24116D1B&VendorGuid=8e8d1d8f-19e9-4dca-9ee9-77f3bf208861&LocationCode=CRSS2165-102&reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229&_=1689186993498
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.193.27.29 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-193-27-29.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ea61a346f487472d53174f20a46cb0cc7be5a72d7fcc46e7d82a72ffb4ba5d12

Request headers

Accept
*/*
Referer
https://www.1800freshtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:34 GMT
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cache-control
private
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Authorization
collect
www.google-analytics.com/j/
15 B
35 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1664234345&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1800freshtax.com%2Fv6%2F%3Freqid%3D23327887%26affid%3D44%26a%3D44%26cpAFID%3D44%26cpSID%3D822737%26s1%3D822737%26cpSID2%3D732606229&dr=http%3A%2F%2F986329828437975.karbalakh.uk.com%2F&ul=en-us&de=UTF-8&dt=1800freshtax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1722464411&gjid=1402636517&cid=1598218210.1689186994&tid=UA-137171621-1&_gid=1241089746.1689186994&_r=1&_slc=1&gtm=45He37a0n81TX6634H&z=2010016088
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
d3197c54f8ba266b2c582a3fc90164f8b6b57c64e19fb83cd740c60a0a34637a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.1800freshtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 18:36:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.1800freshtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
21 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1664234345&t=pageview&_s=1&dl=https%3A%2F%2Fwww.1800freshtax.com%2Fv6%2F%3Freqid%3D23327887%26affid%3D44%26a%3D44%26cpAFID%3D44%26cpSID%3D822737%26s1%3D822737%26cpSID2%3D732606229&dr=http%3A%2F%2F986329828437975.karbalakh.uk.com%2F&ul=en-us&de=UTF-8&dt=1800freshtax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1989496832&gjid=915446887&cid=1598218210.1689186994&tid=UA-232346502-3&_gid=1241089746.1689186994&_r=1&gtm=457e37a0&jsscut=1&z=1417305359
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.1800freshtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 18:36:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.1800freshtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-KM1R7H42HL&gtm=45je37a0&_p=1664234345&cid=1598218210.1689186994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1689186994&sct=1&seg=0&dl=https%3A%2F%2Fwww.1800freshtax.com%2Fv6%2F%3Freqid%3D23327887%26affid%3D44%26a%3D44%26cpAFID%3D44%26cpSID%3D822737%26s1%3D822737%26cpSID2%3D732606229&dr=http%3A%2F%2F986329828437975.karbalakh.uk.com%2F&dt=1800freshtax&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KM1R7H42HL&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 18:36:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.1800freshtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/
213 KB
76 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-MPN36LE6HW&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2008 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9a9fc15be2ac35ca89b2add87cbf44d9253dc2fe8d39e433e662c80d191a3b8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77871
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 12 Jul 2023 18:36:34 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-MPN36LE6HW&gtm=45je37a0&_p=1664234345&ul=en-us&sr=1600x1200&cid=1598218210.1689186994&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABA&ngs=1&_s=1&dl=https%3A%2F%2Fwww.1800freshtax.com%2Fv6%2F%3Freqid%3D23327887%26affid%3D44%26a%3D44%26cpAFID%3D44%26cpSID%3D822737%26s1%3D822737%26cpSID2%3D732606229&dr=http%3A%2F%2F986329828437975.karbalakh.uk.com%2F&dt=1800freshtax&sid=1689186994&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-MPN36LE6HW&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 18:36:34 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.1800freshtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9SYN31N4S3&gtm=45je37a0&_p=1664234345&cid=1598218210.1689186994&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&ngs=1&_s=2&sid=1689186993&sct=1&seg=0&dl=https%3A%2F%2Fwww.1800freshtax.com%2Fv6%2F%3Freqid%3D23327887%26affid%3D44%26a%3D44%26cpAFID%3D44%26cpSID%3D822737%26s1%3D822737%26cpSID2%3D732606229&dr=http%3A%2F%2F986329828437975.karbalakh.uk.com%2F&dt=1800freshtax&en=scroll&epn.percent_scrolled=90&_et=22
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9SYN31N4S3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:824::200e Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

pragma
no-cache
date
Wed, 12 Jul 2023 18:36:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.1800freshtax.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
655ad47e-c37d-3c67-256d-00fbe29443a2.js
create.lidstatic.com/campaign/
123 KB
39 KB
Script
General
Full URL
https://create.lidstatic.com/campaign/655ad47e-c37d-3c67-256d-00fbe29443a2.js?snippet_version=2
Requested by
Host: www.1800freshtax.com
URL: https://www.1800freshtax.com/v6/?reqid=23327887&affid=44&a=44&cpAFID=44&cpSID=822737&s1=822737&cpSID2=732606229
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:29e5 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
2db995c4f33566ab77e5a48b743561dc270eef39944177bd9c2df6e0a1758b94

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.1800freshtax.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:40 GMT
x-amz-version-id
NyRQ.c.56IQXet6MgKVI0pnSIojh1b88
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 12 Nov 2021 00:56:17 GMT
server
cloudflare
x-amz-request-id
KKGFEFCDMC4MJ2VD
age
1291
etag
W/"816d13693824540674cf577d37f66980"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=1800
x-amz-replication-status
COMPLETED
cf-ray
7e5b64a3dd50db09-MIA
x-amz-id-2
6vNcGUlW1oFq4AtabhN2dVzyt7SQ/Tu9fEJDl1HzhZ+0TKvD/cUr9+h9yir19xXSfEKL2uwGp50=
GenerateToken
create.leadid.com/2.11.9/
36 B
660 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/GenerateToken?msn=1&pid=f05c8147-cb4e-4e16-b9f5-56ec72a07ec3&_=205084556
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/655ad47e-c37d-3c67-256d-00fbe29443a2.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8a70b6342e545e83f10620bc9f6066ff11fcbfa48599747c8e5649fcf6efcc01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.1800freshtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Jul 2023 18:36:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 7B4A
3 KB
2 KB
Document
General
Full URL
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=655AD47E-C37D-3C67-256D-00FBE29443A2&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/655ad47e-c37d-3c67-256d-00fbe29443a2.js?snippet_version=2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.164.115.179 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.1800freshtax.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
en-US,en;q=0.9

Response headers

Age
53431
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 12 Jul 2023 07:08:12 GMT
ETag
W/"6487351c-dbb"
Last-Modified
Mon, 12 Jun 2023 15:09:16 GMT
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Transfer-Encoding
chunked
Via
1.1 a0be26685e47d6d6220ccd40bc5f0a4e.cloudfront.net (CloudFront)
X-Amz-Cf-Id
Zb7SrhnMsnhBC2wN3RGdQpiHR7EQRI3BuruPi-ogNVF6OSnML06Z0A==
X-Amz-Cf-Pop
JFK50-P6
X-Cache
Hit from cloudfront
SaveDom
create.leadid.com/2.11.9/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/SaveDom?msn=2&pid=f05c8147-cb4e-4e16-b9f5-56ec72a07ec3&token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&_=205084557
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/655ad47e-c37d-3c67-256d-00fbe29443a2.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.1800freshtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Jul 2023 18:36:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
InitFormData
create.leadid.com/2.11.9/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/InitFormData?msn=3&pid=f05c8147-cb4e-4e16-b9f5-56ec72a07ec3&token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&_=205084558
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/655ad47e-c37d-3c67-256d-00fbe29443a2.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.1800freshtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Jul 2023 18:36:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
iframe.html
deviceid.trueleadid.com/ Frame 9D89
4 KB
2 KB
Document
General
Full URL
https://deviceid.trueleadid.com/iframe.html?token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=655AD47E-C37D-3C67-256D-00FBE29443A2&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Requested by
Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=655AD47E-C37D-3C67-256D-00FBE29443A2&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.38.172 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

Referer
https://d2m2wsoho8qq12.cloudfront.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
accept-language
en-US,en;q=0.9

Response headers

cache-control
max-age=86400 public
content-encoding
gzip
content-type
text/html
date
Wed, 12 Jul 2023 18:36:42 GMT
etag
W/"649348e0-1049"
expires
Thu, 13 Jul 2023 18:36:42 GMT
last-modified
Wed, 21 Jun 2023 19:00:48 GMT
p3p
CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
server
nginx
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 9D89
0
627 B
Script
General
Full URL
https://create.leadid.com/2.11.9/SaveDeviceId.js?lac=581E5A37-7A2C-A742-C313-6F515B2D3222&lck=655AD47E-C37D-3C67-256D-00FBE29443A2&methods=48&token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&uuid=e734cbf4b00a4bc78259edeab0b3375b
Requested by
Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=655AD47E-C37D-3C67-256D-00FBE29443A2&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
https://deviceid.trueleadid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67

Response headers

date
Wed, 12 Jul 2023 18:36:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT
Snap
create.leadid.com/2.11.9/
0
623 B
XHR
General
Full URL
https://create.leadid.com/2.11.9/Snap?msn=4&pid=f05c8147-cb4e-4e16-b9f5-56ec72a07ec3&token=EA69C459-8B80-E7BC-BC7D-C85C82F453C2&_=205084559
Requested by
Host: create.lidstatic.com
URL: https://create.lidstatic.com/campaign/655ad47e-c37d-3c67-256d-00fbe29443a2.js?snippet_version=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.204.26.203 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://www.1800freshtax.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 12 Jul 2023 18:36:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
server
nginx
access-control-max-age
1728000
content-type
text/plain;charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
access-control-allow-headers
X-Requested-With, Content-Type
expires
Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| google_tag_manager object| google_tag_data object| dataLayer object| google_optimize function| gtag function| $ function| jQuery function| onYouTubeIframeAPIReady object| gaGlobal function| setFormValidation function| isStepFormComplete function| changeFormWizardStep function| onNextClick function| setFormListeners function| initForm number| settings_timer number| _vwo_settings_timer object| _vwo_code function| timer object| taxVal object| amount function| loadLeadiD string| _crVendorGuid string| _crClientGuid string| _crRingpoolLocationCode string| _crPostingLocationCode string| _crDefaultRingpoolNumber boolean| _crStickyRingpoolNumber boolean| _crIgnoreGoogleClientId string| _crNumberReplacementClass string| _crNumberReplacementElementId string| _crRingpoolTelTagClass string| _crDelayedVariables number| _vwo_j_e string| _vwo_mt string| _vwo_tm string| _vwo_cookieDomain number| _vwo_acc_id string| g object| vwo_iehack_queue string| GoogleAnalyticsObject function| ga boolean| _clickUrlIsFinal undefined| _crAdditionalVariables undefined| _crNumberElementId number| _crDelayedAttributeAttempts number| _crDelayedIncrement undefined| _crGoogleClientId undefined| _crClickId undefined| _crTargetPhone undefined| _crTrackingGuid undefined| _crCallStarted undefined| _crCallBillable undefined| _crInterval boolean| _crDebug string| _crClickBaseUrl string| _crRingpoolBaseUrl string| _crProto object| _crAjaxOptions string| _crPixelClickId undefined| _crScript_tag undefined| _crRootNode string| _crAmp string| _crClickUrl string| _crFetchRingPoolNumberUrl object| _crUrlVars function| generateClickUrl function| generateUUID function| RingpoolReady object| _crSnufflerList function| delayedVariableSnuffler object| gaplugins object| gaData number| pos object| arrContentElements object| arrNodes object| arrTelTagClasses

17 Cookies

Domain/Path Name / Value
.catophelm.com/ Name: uid10406
Value: 732606229-20230712143630-0594b5a25204a96cbe99f4ed644d0bdb-
.mlf-1800-trk.com/ Name: st
Value: KG2swT3HoVjjaN4KIOCnCBFRCu9UYlkboojimcprTxYKzO2lWPS0+g==
.mlf-1800-trk.com/ Name: tym
Value: aeMv9EQEqT3jaN4KIOCnCBFRCu9UYlkboojimcprTxYKzO2lWPS0+g==
.mlf-1800-trk.com/ Name: c84
Value: KG2swT3HoVjFRzdFJLAiCcp0pPUO8xRuqiAOqdDrM44=
www.1800freshtax.com/ Name: PHPSESSID
Value: sno07m29mlarnaal0sh9vvvmc2
.1800freshtax.com/ Name: _ga_9SYN31N4S3
Value: GS1.1.1689186993.1.0.1689186993.0.0.0
dev.visualwebsiteoptimizer.com/ Name: uuid
Value: DA757BAA6C8B24AA817D6328DE2B3B0C5
.1800freshtax.com/ Name: _vwo_uuid_v2
Value: D5961B38CD046717B0BE26BB9C1970604|c5cba7e8ad9fdd9a1c1cb80fed6e81ad
dev.visualwebsiteoptimizer.com/ Name: _vwo_ssm
Value: 1
widget.callerready.com/ Name: AWSALBCORS
Value: 0IApQ2qUzLTw8m1431A5SzUfI2oCvXNA374PhS8u8ELsqHWV4e8FA6EY8l7TVam+YMIWOngkHeIGH+V13jIpUTap1dIFJqXicXaHN3jeddxG4Y62DMYDBYG9Vi3s
.1800freshtax.com/ Name: _gid
Value: GA1.2.1241089746.1689186994
.1800freshtax.com/ Name: _gat_UA-137171621-1
Value: 1
.1800freshtax.com/ Name: _gat_gtag_UA_232346502_3
Value: 1
.1800freshtax.com/ Name: _ga_KM1R7H42HL
Value: GS1.1.1689186994.1.0.1689186994.0.0.0
.1800freshtax.com/ Name: _ga
Value: GA1.1.1598218210.1689186994
www.1800freshtax.com/ Name: CRRingpoolNumber
Value: 8557057886
.1800freshtax.com/ Name: _ga_MPN36LE6HW
Value: GS1.2.1689186994.1.0.1689186994.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

986329828437975.karbalakh.uk.com
ajax.googleapis.com
cdnjs.cloudflare.com
click.callerready.com
code.jquery.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d2o7mpkastex00.cloudfront.net
dev.visualwebsiteoptimizer.com
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mlf-1800-trk.com
widget.callerready.com
www.1800freshtax.com
www.catophelm.com
www.google-analytics.com
www.googleoptimize.com
www.googletagmanager.com
18.164.115.179
18.204.26.203
2001:4de0:ac18::1:a:1a
205.186.142.74
2600:9000:2510:8e00:10:241a:e400:21
2606:4700:10::ac43:29e5
2606:4700::6811:180e
2606:4700::6812:bcf
2607:f8b0:4006:80e::200a
2607:f8b0:4006:817::2008
2607:f8b0:4006:81d::2003
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::200e
3.215.38.172
34.96.102.137
44.224.10.104
45.45.217.118
54.193.27.29
54.67.78.181
66.85.79.85
00b163837bdffe843ba31ecd012abd91b9b7ab5cad1672e314bd1c8f54b923ed
1046706d46cc32596cf432a0809fc503c3d1140956323e43315c7bd8d52a0013
182b3c9279b94d2a1dcbf7d3ae88ee831c5f592578e9052aab99dc9f77d92b90
1ba6e02aa649aea52d79959ec42d68b9275396417950a5034ff5ea51b18fc2c8
2b5176c0fcfe66f98d81a6156eeb75b8ebcb68eb1048ced84e99d40042b448a7
2d6ffecda38c9f0bfde9f782f479b14792fdd89547f81887924b3bd35a93012c
2db995c4f33566ab77e5a48b743561dc270eef39944177bd9c2df6e0a1758b94
3a41fc34b77adc60eb5e70ae86e0b48b7e19ec460b6fb1b04433b88bb402270b
3f5f2608b2da67bef1399540829e32eca250a31c6369f3b13deba9ef380b472e
40f5141182a2c5b97de2aa58de389489c5d100427b24001bcf844cd42dc150ee
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
460bd1bfc965a4c336dca9377e97ee62b82e2d0da052c69a0d7b50de2a68b894
4e2c2bc0af39b00af5c84730718dc0c35b9adcb5906bff94e5ab47de98db5d10
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53c4b2ebaa07c863702b24fd86ca7b58ee1439df0542193d9e6dfb0ced22e931
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
671991e49cc2e56abf7d76b81fdc238071dd52211226ccb6cc4e8e3da70c9edb
67598d00b974bf1e6f6dab4debb0fc561999dc3ebb99c5fa910ab09a7dc427e4
6885319e8e161c170f0317832e749966b44dee85396ec5c9e8110f9dbee97b32
692754f24d20f154f45e6f1abcc5ede911f03018c0d9cca0bd967845456b82ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dabe34d520aa6431c126cf4665649b7c1a10dfce19ecf50821e3a82c8c4e633
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
7faf18a15b51016a923fd3218a9a069bcec17bfb22f7324f1a7e7507e62755b2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
8a70b6342e545e83f10620bc9f6066ff11fcbfa48599747c8e5649fcf6efcc01
8b778960c97ef39c87b9d5f8d5dacb1bede0f343356a9037424777a314421256
9090cdece60946d0d2a27020967d395d313fe21201060a1688903bc8c48ef511
9a9fc15be2ac35ca89b2add87cbf44d9253dc2fe8d39e433e662c80d191a3b8a
a116f3ff289161a2499ad11d24b555e4beaaf050d026ed438c77dc8787ad892c
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
b3d83eb4d675b242a10a39e82b5b0e3f11af3cc85472fc9cfb3d446db379ae41
b5f16bc6572e28b7d815ce6eff2ced8f05c92f0f305c57c25911ed39360be3a4
b79b3ef4e5f06427d7365084d24a053dd2083cdd715078714b22cab780d360a9
bd112480aef812fa57aafa2870dcc41f584ce8f97244d76bd87ba280387948d9
c0369ae3fd09bc4a3e314514d85107b05a821365270d28309f0b7289b1098e0c
c2655b7ffc132350f07c4fb90e03c3eb294967bd722c056a39a2ef898d162b9e
c7e11fff3a33e79475aff7b7b9380d35dc2c17f5b3c0b23bc691244375a26877
c92bd0e61b5a9a387d6dcdac17a8e8fbf2944fe8775ef6ed6b021c0f21355dfc
d3197c54f8ba266b2c582a3fc90164f8b6b57c64e19fb83cd740c60a0a34637a
d6f6214b87900527d53d3d54b38e7ce935d97204f84d707ada1c1d697014c7e7
d8630e99a70328846c533190299be293e245532cd2d0158149fcb5d0e64ad364
dd773dd7d0a2c943d04219651c766ff07c0aec629c29d453f53e590ea5e73912
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0dec67d7f6a5d7a5be384394823ccf068081b53fffc9a2f401c2854172aa3b4
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4e6ae6f597e7f2b461c64b47bfbd34c862f8f29ff1a27ecfe7615eb131ad8da
e815dbccd59c3a5f13c9c7517a3aeaccc57822d0a712ee1ee293738716cc934d
ea61a346f487472d53174f20a46cb0cc7be5a72d7fcc46e7d82a72ffb4ba5d12
eb656dbc55f69560deaf933a05f6169651c8e9e5d8930b402d4b95cc0a85850f
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
f77d85c897b2a0f3ac2e9104fa12e0a12b7c5250de67d99bb708ce950b26d72c
f94e8943168a5755374371f3781f0906b89673d1947c3296374af202681fd485
fe7fd66363473caf7a8967182fb81433f10f9c116e0d866de5e37bc5fb275274