secure.taxbandits.com Open in urlscan Pro
129.213.142.160 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://expressextension.us3.list-manage.com/track/click?u=1cb3bb0ad25f5870309e075ae&id=db63847e41&e=526ed36cc0
Effective URL:
https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressEx...
Submission: On March 26 via manual (March 26th 2020, 8:45:29 pm UTC) from US

Summary HTTP 76 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 7 countries across 20 domains to perform 76 HTTP transactions. The main IP is 129.213.142.160, located in United States and belongs to ORACLE-BMC-31898, US. The main domain is secure.taxbandits.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 11th 2019. Valid for: a year.

This is the only time secure.taxbandits.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.19.114.64 2.19.114.64	16625 (AKAMAI-AS) (AKAMAI-AS)
26	129.213.142.160 129.213.142.160	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
6	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	13.227.157.152 13.227.157.152	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:4004	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	147.75.100.69 147.75.100.69	54825 (PACKET) (PACKET)
1	216.58.210.2 216.58.210.2	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	147.75.32.99 147.75.32.99	54825 (PACKET) (PACKET)
1	147.75.102.239 147.75.102.239	54825 (PACKET) (PACKET)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
76	22

1 2.19.114.64 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-114-64.deploy.static.akamaitechnologies.com

expressextension.us3.list-manage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 129.213.142.160 (United States)

ASN31898 (ORACLE-BMC-31898, US)

secure.taxbandits.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.227.157.152 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-157-152.muc51.r.cloudfront.net

d7i0gxyscl483.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-v.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.100.69 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress16

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.2 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.32.99 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress12

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.75.102.239 (Central, Hong Kong)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress2

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

vsa15.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	taxbandits.com secure.taxbandits.com	683 KB
7	tawk.to embed.tawk.to va.tawk.to static-v.tawk.to vsa15.tawk.to	116 KB
6	googleapis.com fonts.googleapis.com	5 KB
4	facebook.com www.facebook.com	723 B
4	google.de www.google.de	439 B
4	google.com 1 redirects www.google.com	852 B
4	doubleclick.net 1 redirects stats.g.doubleclick.net googleads.g.doubleclick.net	4 KB
3	jsdelivr.net cdn.jsdelivr.net	37 KB
3	facebook.net connect.facebook.net	255 KB
3	bing.com bat.bing.com	8 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	74 KB
3	google-analytics.com 1 redirects www.google-analytics.com	42 KB
3	cloudfront.net d7i0gxyscl483.cloudfront.net	8 KB
1	twitter.com analytics.twitter.com	651 B
1	t.co t.co	449 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	googleadservices.com www.googleadservices.com	10 KB
1	googletagmanager.com www.googletagmanager.com	44 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	list-manage.com 1 redirects expressextension.us3.list-manage.com	1 KB
76	20

	Domain	Requested by
26	secure.taxbandits.com	secure.taxbandits.com
6	fonts.googleapis.com	secure.taxbandits.com embed.tawk.to
4	www.facebook.com	secure.taxbandits.com
4	www.google.de	secure.taxbandits.com
4	www.google.com	1 redirects secure.taxbandits.com
3	vsa15.tawk.to	embed.tawk.to
3	cdn.jsdelivr.net	embed.tawk.to
3	googleads.g.doubleclick.net	www.googleadservices.com
3	connect.facebook.net	secure.taxbandits.com connect.facebook.net
3	bat.bing.com	www.googletagmanager.com secure.taxbandits.com
3	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com
3	d7i0gxyscl483.cloudfront.net	secure.taxbandits.com
2	va.tawk.to	embed.tawk.to
1	static-v.tawk.to	embed.tawk.to
1	analytics.twitter.com	static.ads-twitter.com
1	vars.hotjar.com	static.hotjar.com
1	script.hotjar.com	static.hotjar.com
1	t.co	secure.taxbandits.com
1	stats.g.doubleclick.net	1 redirects
1	static.ads-twitter.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	static.hotjar.com	www.googletagmanager.com
1	embed.tawk.to	secure.taxbandits.com
1	www.googletagmanager.com	secure.taxbandits.com
1	cdnjs.cloudflare.com	secure.taxbandits.com
1	expressextension.us3.list-manage.com	1 redirects
76	26

This site contains links to these domains. Also see Links.

Domain
graph.facebook.com
accounts.google.com

Subject Issuer	Validity	Valid
*.taxbandits.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-11` - `2020-09-10`	a year	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2020-03-25` - `2020-10-09`	7 months	crt.sh
static.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2019-08-14` - `2020-08-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-03-01` - `2020-05-30`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-03-03` - `2020-05-26`	3 months	crt.sh
script.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
vars.hotjar.com Let's Encrypt Authority X3	`2020-02-03` - `2020-05-03`	3 months	crt.sh
*.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
ssl363648.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-02-22` - `2020-08-30`	6 months	crt.sh

This page contains 6 frames:

Primary Page: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Frame ID: EF6D2620AF0D6D60968EB165E1D05AAD
Requests: 67 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: D6CB82F3DB6580A11F61E4DEF4D466B9
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: C3EBFA9AFF6317A2515E02088BAB35D9
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 61A907B009F6237BE296418B2B5C85B6
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 43303B76D58DADF4A118D8EBCD0F8CEC
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: E71B3F48DAACC08EBE56A926B7B7701A
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://expressextension.us3.list-manage.com/track/click?u=1cb3bb0ad25f5870309e075ae&id=db63847e41&e=526ed36cc0 HTTP 302
https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&... Page URL

Detected technologies

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /\/\/embed\.tawk\.to/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

76
Requests

100 %
HTTPS

58 %
IPv6

20
Domains

26
Subdomains

22
IPs

7
Countries

1295 kB
Transfer

4164 kB
Size

8
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://graph.facebook.com/oauth/authorize?client_id=707859769572845&redirect_uri=https://secure.taxbandits.com/User/FBCallBack&scope=email&auth_type=reauthenticate
Title: Sign In using Facebook

Search URL Search Domain Scan URL

URL: https://accounts.google.com/o/oauth2/auth?scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile&state=%2Fprofile&redirect_uri=https://secure.taxbandits.com/User/GoogleCallback&response_type=code&client_id=958910909715-lvbp78dvcpugfct31jc4aq9ik5dapctt.apps.googleusercontent.com&approval_prompt=force
Title: Sign In using Google

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://expressextension.us3.list-manage.com/track/click?u=1cb3bb0ad25f5870309e075ae&id=db63847e41&e=526ed36cc0 HTTP 302
https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1237622031&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&ul=en-us&de=UTF-8&dt=Sign%20In%20%7C%20TaxBandits&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABg~&jid=1478116030&gjid=613157738&cid=178362723.1585255512&tid=UA-10955269-38&_gid=1149852228.1585255512&_r=1&gtm=2wg3i05Q3TRLB&z=1262684767 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_gid=1149852228.1585255512&gjid=613157738&_v=j81&z=1262684767 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_v=j81&z=1262684767 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_v=j81&z=1262684767&slf_rd=1&random=4161493675

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
secure.taxbandits.com/
Redirect Chain

https://expressextension.us3.list-manage.com/track/click?u=1cb3bb0ad25f5870309e075ae&id=db63847e41&e=526ed36cc0
https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&u...

61 KB
16 KB

344ms
107ms

Document
text/html

129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

579282b595e33fc9be10b005e5330ed5979cfb2aa12e4a17fd43ee51d508a231

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: secure.taxbandits.com
:scheme: https
:path: /?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: document
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

status: 200
cache-control: private
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
server: TBSWS
strict-transport-security: max-age=31536000
set-cookie: ASP.NET_SessionId=boix2wmr0iwhny02z0wowcjh; path=/; secure; HttpOnly
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
date: Thu, 26 Mar 2020 20:45:10 GMT
content-length: 16223

Redirect headers

status: 302
server: openresty
content-type: text/html; charset=UTF-8
content-length: 20
x-ua-compatible: IE=edge,chrome=1
location: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
referrer-policy: same-origin
content-encoding: gzip
vary: Accept-Encoding
date: Thu, 26 Mar 2020 20:45:10 GMT
set-cookie: _AVESTA_ENVIRONMENT=prod; path=/ _mcid=1.fb64564ce3a525f9f4cd8038771666d1.a700052f32881c179adf694d88a5689ff65dd40a8159d743fdbb49cc33ecf7cf; expires=Fri, 26-Mar-2021 20:45:10 GMT; Max-Age=31536000; path=/; domain=.mailchimp.com ak_bmsc=0487685ADB235F045E0FB1725278E5645C7B9B81BF65000056147D5E42800372~plda3hI+NBs/YPHF/xmrLtvQfMuOazBgvpi3JvqqjChZzqPQ+Qj5nxen1nwBt/zo0dWrrjPGf+j4rWNgrmgZpDZ6tFgO+OH0vV0nS1PxXUD1gxmFqOPupWkLVfCRlXXFNj7sRDsjtLXni50zrgdkc4m08oBPMkR6pUg4SXp1/h4HReZSxSjTf3P6TzkYg9iz4DtuJDgcibp20YZ19AN5Q2/HrcWN4VgGefXKMZ+PPXqpY=; expires=Thu, 26 Mar 2020 22:45:10 GMT; max-age=7200; path=/; domain=.us3.list-manage.com; HttpOnly bm_sz=233A31F0398B733BB194C36374A9D996~YAAQgZt7XMwAahhxAQAAWnKXGAfpI5VCXxeqe94q4ZXonIazE2BenKnXPCSvIM9+PG10yluawrPrlxnOqhmfdHtg8nWYgfT+WIcPWvjmGLXdvphWpLRlRyY0pFWcVQUtdZkBhttvH06UnRqhMtSYGEY9f2DNUHb11sTKiOIEBlKhsM2TjpEgf5FidzoxbhCc0XLC85s=; Domain=.list-manage.com; Path=/; Expires=Fri, 27 Mar 2020 00:45:10 GMT; Max-Age=14400; HttpOnly _abck=61A51A2DB73D8EE7D7E3690EB4D79A31~-1~YAAQgZt7XM0AahhxAQAAWnKXGAP6GNzq7abe5vfaJefG3nlPNvmiBciy4KtIc9luz1gXhFJ9t0dnCzHogoudf/k9FqG/GjkNOrSw1o1CQ3Npy3NkgirhM2MuLuhsGMPYWtKNEtlyXZ/MP8UpFTFBSBqTxtKJ62JWze4xQoQ0JT81jrba4mP/2MqY73dq6bMtGKoOlTumWg/ER17eh0PpN7vRtG4eMTDioXC4qotWRVjuyC6lJHx3HQFBSmasJcEYpL51izvj9TnHETyKzo90J4ITmXIuiCmbW5EjnrQRhchGJI0aBDycJWf2UuRVJjU=~-1~-1~-1; Domain=.list-manage.com; Path=/; Expires=Fri, 26 Mar 2021 20:45:10 GMT; Max-Age=31536000; Secure

GET
H2 200 css
fonts.googleapis.com/ 25 KB
1 KB 21ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,800italic,800,700italic

Requested by

Host: secure.taxbandits.com
URL: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: ESF
date: Thu, 26 Mar 2020 20:45:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 20:45:11 GMT

GET
H2 200 passwordRulesHelper.css
secure.taxbandits.com/Content/ 2 KB
959 B 102ms
99ms Stylesheet
text/css 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Content/passwordRulesHelper.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

cc785971257177efefe0400ae53a928b2d34a4302f05c37b0e05d802838157e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Dec 2019 17:00:36 GMT
server: TBSWS
etag: "0d242db2aed51:0"
x-frame-options: SAMEORIGIN
content-type: text/css
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 865
x-xss-protection: 1; mode=block

GET
H2 200 jquery Show response
secure.taxbandits.com/bundles/ 85 KB
38 KB 197ms
194ms Script
text/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/bundles/jquery?v=DilzeZuJxdbQsfc_JOwsWB4VFDhTPM73urYeggaKdL81

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

17b1fec86f2799119ad9051477be641fcc40e0c86a09f7c49c4d1b93ac556869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
content-length: 39217
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 bootstrap Show response
secure.taxbandits.com/bundles/ 44 KB
16 KB 195ms
192ms Script
text/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/bundles/bootstrap?v=enDNRv_fbc_C04MWi6SHz7ALr3lGishXiOaDEWLq1hI1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

5061f7e6a48733d2f2a04a97215563e2aa56bd305ce6af732fa2a68febceda84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
content-length: 15858
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 jqueryui Show response
secure.taxbandits.com/bundles/ 247 KB
89 KB 292ms
289ms Script
text/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/bundles/jqueryui?v=4wk3vpAM5e15eFhIIiHHawwKes2icINLp9J-NBqewGU1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

9f6e599ee759753214a54335ee603154c43ae0240d791211695ca29bd317a05b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 jqueryval Show response
secure.taxbandits.com/bundles/ 30 KB
12 KB 106ms
103ms Script
text/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/bundles/jqueryval?v=EPsGA8WCKdSTAUqh-muLJVW2F3NuSYS0-k1Gy3A7sS81

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

951250ebde16d7ac4f75e7c870cfaeed33fb6ba9fa910976c37e154e9710eaff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
content-length: 12550
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 modernizr Show response
secure.taxbandits.com/bundles/ 11 KB
5 KB 105ms
102ms Script
text/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/bundles/modernizr?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
content-length: 5292
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 dataTables Show response
secure.taxbandits.com/bundles/ 112 KB
45 KB 379ms
377ms Script
text/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/bundles/dataTables?v=tnMFR_S_RIsy-B3y_4GO_Dtc04cyzm6TSQLSL0_F2_M1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

7028fb3c3436dafbf5db8a57dccba8398de00eb51f993eb10b8753202cb77d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
content-length: 45597
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 ETF Show response
secure.taxbandits.com/bundles/ 335 KB
105 KB 380ms
378ms Script
text/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/bundles/ETF?v=uDOuyfkW9lySmWyL7sDpmfKvzWzudCtuQUN7zLx77KA1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

2685392030e3caa7ae5bb791d701581b44e635be559ad1e88a5a5edbb4f98bc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 logincss
secure.taxbandits.com/Content/ 313 KB
71 KB 288ms
285ms Stylesheet
text/css 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

f0ef18844057c484349306adbb61de588430d4d858c9e5f44330faa66f45389d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: TBSWS
date: Thu, 26 Mar 2020 20:45:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
cache-control: public
vary: User-Agent,Accept-Encoding
x-xss-protection: 1; mode=block
expires: Fri, 26 Mar 2021 20:45:11 GMT

GET
H2 200 jquery-migrate-3.1.0.min.js Show response
secure.taxbandits.com/Scripts/ 9 KB
4 KB 382ms
380ms Script
application/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Scripts/jquery-migrate-3.1.0.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

3e408d8ee7292025667852fd6b0712cf66513d759a0ad505e217beb81f4492ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 09 Dec 2019 17:00:36 GMT
server: TBSWS
etag: "0d242db2aed51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 3941
x-xss-protection: 1; mode=block

GET
H2 200 jquery.resourcebundle.js Show response
secure.taxbandits.com/Scripts/ 760 B
630 B 104ms
102ms Script
application/javascript 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Scripts/jquery.resourcebundle.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

69a567327a2b986766ce4907452afeb57f69a067686d66e3197706bafe016b2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 21:04:54 GMT
server: TBSWS
etag: "0df68815393d51:0"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-length: 529
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK spantestingsite.js Show response
d7i0gxyscl483.cloudfront.net/testsite/ 4 KB
2 KB 600ms
533ms Script
application/javascript 13.227.157.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d7i0gxyscl483.cloudfront.net/testsite/spantestingsite.js
Requested by: Host: secure.taxbandits.com
URL: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.157.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-157-152.muc51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7ea54b2b0edad18bb15cf91a2b0a959c30dec9b21d050114cf6ff1da2fba9849

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 20:45:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2019 06:00:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC51-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/javascript
Via: 1.1 68bd6f488cd5f9867287f467b777d12a.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: k1IGO22X9gP4e7ZQSPcf-frAFiwITH0x9_hUpPkj72YTA_7eROQzDA==

GET
H/1.1 200
OK spantestingsite.css
d7i0gxyscl483.cloudfront.net/testsite/ 5 KB
2 KB 516ms
449ms Stylesheet
text/css 13.227.157.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d7i0gxyscl483.cloudfront.net/testsite/spantestingsite.css
Requested by: Host: secure.taxbandits.com
URL: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.157.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-157-152.muc51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5ed1cd8a361e17a0ac2050126dd9125260343597effeccba62a6e84eeb13c79e

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Thu, 26 Mar 2020 20:45:12 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Dec 2019 09:39:57 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC51-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: text/css
Via: 1.1 48d48000b22cc0a73550fdae51ee2662.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: Dor4sE6fYI0qZFQhk2u4fJwtSwtb4DzA6zHrq8DuAMq1r__JVrEanA==

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 102ms
100ms Script
application/javascript 2606:4700::6811:4004
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: br
cf-cache-status: HIT
age: 12836850
cf-ray: 57a3b6c038f71752-FRA
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified: Thu, 17 May 2018 09:20:59 GMT
server: cloudflare
etag: W/"5afd497b-4e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 16 Mar 2021 20:45:11 GMT
cache-control: public, max-age=30672000
timing-allow-origin: *
served-in-seconds: 0.001

GET
H/1.1 200
OK jQuery.noBrowserSupport.js Show response
d7i0gxyscl483.cloudfront.net/Scripts/ 11 KB
5 KB 519ms
450ms Script
application/x-javascript 13.227.157.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d7i0gxyscl483.cloudfront.net/Scripts/jQuery.noBrowserSupport.js
Requested by: Host: secure.taxbandits.com
URL: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.227.157.152 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-157-152.muc51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 655d22f1e57a210e92020f519df7648ed54b9ec2624b14a34912fa567f84c215

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Thu, 26 Mar 2020 20:45:12 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 May 2016 09:49:31 GMT
Server: AmazonS3
X-Amz-Cf-Pop: MUC51-C1
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
Content-Type: application/x-javascript
Via: 1.1 80f506314db20ab597e236137f18accc.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: EXMve0pKT_lHrnxMCQtiGPRP_8elpckNLsUvijYNDniw5ryKjI9CQA==

GET
H2 200 new-irs-efile.png
secure.taxbandits.com/Content/Images/ 63 KB
63 KB 198ms
197ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/new-irs-efile.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

83e365984650e7bcbdf3bd8a386854726be573b275e852e48c1227b43bb42dac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 00:06:42 GMT
server: TBSWS
etag: "0558b5213d3d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 64142
x-xss-protection: 1; mode=block

GET
H2 200 irs-provider.png
secure.taxbandits.com/Content/Images/ 10 KB
10 KB 100ms
99ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/irs-provider.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

b44ffd171a2d61f9b9cc9c0025a83ca3f9499a80df1aa18cd0b700da3501ad34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 00:06:42 GMT
server: TBSWS
etag: "0558b5213d3d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 9815
x-xss-protection: 1; mode=block

GET
H2 200 logo.png
secure.taxbandits.com/Content/Images/ 12 KB
12 KB 100ms
99ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/logo.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

f1677a7e16a9aad753b579d590ccf3f18f83704170ee74446b3008af9f5cc834

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 00:06:42 GMT
server: TBSWS
etag: "0558b5213d3d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 12048
x-xss-protection: 1; mode=block

GET
H2 200 callIcon.png
secure.taxbandits.com/Content/Images/ 16 KB
16 KB 99ms
99ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/callIcon.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

ac8af7cdaafe06cf4c0b23814cc7f50c3e48dfd964367c9a805f635b0c28ab5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 09 Dec 2019 17:00:36 GMT
server: TBSWS
etag: "0d242db2aed51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 15915
x-xss-protection: 1; mode=block

GET
H2 200 mail_xs.png
secure.taxbandits.com/Content/Images/ 17 KB
17 KB 110ms
110ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/mail_xs.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

83e98c5fe8e293fccfd7cbd803d93296706e84ccbf77550137062b14579ecfd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 09 Dec 2019 17:00:36 GMT
server: TBSWS
etag: "0d242db2aed51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 17594
x-xss-protection: 1; mode=block

GET
H2 200 fb_icon.png
secure.taxbandits.com/Content/Images/ 1 KB
1 KB 98ms
98ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/fb_icon.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

0233f3347037a4ccead26dd9ee13c9635db56111b286e825188b279988ba7de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 21:04:52 GMT
server: TBSWS
etag: "0b237805393d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 1196
x-xss-protection: 1; mode=block

GET
H2 200 google_icon.png
secure.taxbandits.com/Content/Images/ 3 KB
3 KB 99ms
98ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/google_icon.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

11fc360b607a4b85665762cb8c38a07807908e9e415cd55b964e7be841f7c91f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 21:04:52 GMT
server: TBSWS
etag: "0b237805393d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 2840
x-xss-protection: 1; mode=block

GET
H2 200 css
fonts.googleapis.com/ 2 KB
607 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Crimson+Text:400,600,700|Julius+Sans+One

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e7854393ea62ff094c06e6600d985d98a35d1e34ee60a368e585b8cb29d2d12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: ESF
date: Thu, 26 Mar 2020 20:45:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 20:45:11 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
44 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q3TRLB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97b593b02b8bdf7f6d056f722ed3d0ef612534417b995c313a5f5f81304db4ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 44852
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Mar 2020 20:45:11 GMT

GET
H2 200 new-circle-orange.png
secure.taxbandits.com/Content/Images/ 453 B
496 B 103ms
102ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/new-circle-orange.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

af9e9d779b4a7c5a3b055353c754479c00419a366c86534609740dd8385861c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 00:06:42 GMT
server: TBSWS
etag: "0558b5213d3d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 453
x-xss-protection: 1; mode=block

GET
H2 200 new-tick-green.png
secure.taxbandits.com/Content/Images/ 283 B
326 B 103ms
102ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/Images/new-tick-green.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

129f6edb23e179d932742ab237a653217bcf747da133f42d7879fe20a91fc0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 00:06:42 GMT
server: TBSWS
etag: "0558b5213d3d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 283
x-xss-protection: 1; mode=block

GET
H2 200 emailIcon.png
secure.taxbandits.com/Content/CommonImages/ 1 KB
1 KB 102ms
102ms Image
image/png 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.taxbandits.com/Content/CommonImages/emailIcon.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

d82e4a5526fe1bf9fb16cc1bb09113702cb36c208c76176eb95531eb842be4a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 21:04:52 GMT
server: TBSWS
etag: "0b237805393d51:0"
x-frame-options: SAMEORIGIN
content-type: image/png
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 1227
x-xss-protection: 1; mode=block

GET
H2 200 AvenirLTStd-Book.otf
secure.taxbandits.com/Content/fonts/avenir_ff/ 27 KB
27 KB 101ms
101ms Font
font/otf 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Content/fonts/avenir_ff/AvenirLTStd-Book.otf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

4fb98e778ecf8c15d92e6877f6acfff6dac74cded293cece1cca3e24193e0f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 09 Dec 2019 17:00:36 GMT
server: TBSWS
etag: "0d242db2aed51:0"
x-frame-options: SAMEORIGIN
content-type: font/otf
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 27444
x-xss-protection: 1; mode=block

GET
H2 200 AvenirLTStd-Medium.otf
secure.taxbandits.com/Content/fonts/avenir_ff/ 27 KB
27 KB 101ms
100ms Font
font/otf 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Content/fonts/avenir_ff/AvenirLTStd-Medium.otf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

c41fea1fc26f2a0111d2076e47813102050dba2120bc1e3d945f50c5a1d96980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 00:06:42 GMT
server: TBSWS
etag: "0558b5213d3d51:0"
x-frame-options: SAMEORIGIN
content-type: font/otf
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 27264
x-xss-protection: 1; mode=block

GET
H2 200 AvenirLTStd-Heavy.otf
secure.taxbandits.com/Content/fonts/avenir_ff/ 27 KB
27 KB 102ms
101ms Font
font/otf 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Content/fonts/avenir_ff/AvenirLTStd-Heavy.otf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

21bd20c236564b77d07d187b68a92281df7715acb8bdbe7241c0546d415d2abe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 25 Jan 2020 00:06:42 GMT
server: TBSWS
etag: "0558b5213d3d51:0"
x-frame-options: SAMEORIGIN
content-type: font/otf
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 27640
x-xss-protection: 1; mode=block

GET
H2 200 fontawesome-webfont.woff2
secure.taxbandits.com/Content/fonts/ 75 KB
75 KB 104ms
103ms Font
application/font-woff2 129.213.142.160
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.taxbandits.com/Content/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

129.213.142.160 , United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

TBSWS /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.taxbandits.com/Content/logincss?v=i6DS2LkqcAHKC0RW1Yheh_5JQzXqdLzLyurmSGA7XKw1
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 04 Nov 2019 21:04:52 GMT
server: TBSWS
etag: "0b237805393d51:0"
x-frame-options: SAMEORIGIN
content-type: application/font-woff2
status: 200
date: Thu, 26 Mar 2020 20:45:10 GMT
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block

GET
H2 200 default Show response
embed.tawk.to/5e307926daaca76c6fd0491b/ 502 KB
110 KB 540ms
540ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36807c6834ae551f148d0a4aec3304fc59ba1200a8d2c123f327def2623e0dfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
access-control-allow-origin: *
etag: W/"fulls68211"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: public, max-age=14400, s-maxage=3600
strict-transport-security: max-age=0; includeSubDomains; preload
cf-ray: 57a3b6c43ab81f25-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q3TRLB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 396
date: Thu, 26 Mar 2020 20:38:35 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 18174
expires: Thu, 26 Mar 2020 22:38:35 GMT

GET
H2 200 hotjar-412938.js Show response
static.hotjar.com/c/ 34 KB
5 KB 155ms
105ms Script
application/javascript 147.75.100.69
PACKET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-412938.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q3TRLB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

147.75.100.69 Central, Hong Kong, ASN54825 (PACKET, US),

Reverse DNS

pkt-ams-k2-shared-ingress16

Software

Resource Hash

757366647f78270ef21d5667b40231aefebd041c0a9267aa45bde406ef30fb63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript
section-io-tag: hotjar
age: 0
status: 200
access-control-max-age: 600
section-io-cache: Miss
x-cache-hit: 1
x-frame-options: SAMEORIGIN
etag: W/fb834f33c66ce4e48bb6be813e9216b8
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=60
section-io-origin-time-seconds: 0.081
accept-ranges: bytes
section-io-id: 2fcf02e397fc26553a6e04af0af19f73
section-origin-responded: true

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 26 KB
10 KB 17ms
16ms Script
text/javascript 216.58.210.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q3TRLB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.210.2 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f2.1e100.net

Software

cafe /

Resource Hash

c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 9982
x-xss-protection: 0
server: cafe
etag: 13837497077581106518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Mar 2020 20:45:11 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 24 KB
8 KB 30ms
30ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q3TRLB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
last-modified: Thu, 19 Mar 2020 02:21:04 GMT
x-msedge-ref: Ref A: 80E59608DFA9455CB0B1B5B89D1CAB26 Ref B: FRAEDGE0907 Ref C: 2020-03-26T20:45:11Z
access-control-allow-origin: *
etag: "0682da95fdd51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7461

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 28ms
13ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q3TRLB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
age: 45042
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200
content-length: 1954
x-served-by: cache-fra19180-FRA
last-modified: Tue, 23 Jan 2018 20:09:00 GMT
x-timer: S1585255512.712809,VS0,VE0
etag: "b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary: Accept-Encoding,Host
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: no-cache
accept-ranges: bytes

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: l0wZfN+9iLHNpEzah2iU7BaKkPmL9Qp9+63NW2qpNU10EjVsVVm4+dSNi4OQ2HU4C6slR02P9hi7LYBJsnmz7g==
x-fb-trip-id: 1850256238
date: Thu, 26 Mar 2020 20:45:11 GMT, Thu, 26 Mar 2020 20:45:11 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1237622031&t=pageview&_s=1&dl=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745....
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_gid=1149852228.1585255512&gjid=613157738&_v=j81&z=1262684767
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_v=j81&z=1262684767
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_v=j81&z=1262684767&slf_rd=1&random=4161493675

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_v=j81&z=1262684767&slf_rd=1&random=4161493675

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-10955269-38&cid=178362723.1585255512&jid=1478116030&_v=j81&z=1262684767&slf_rd=1&random=4161493675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/829401936/ 3 KB
1 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/829401936/?random=1585255511716&cv=9&fst=1585255511716&num=1&label=ulycCMCdsXkQ0Na-iwM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

488ea2830586498499e012f281a62e8eb1501cc8546aac6e86a9248ae92d4154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1219
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/775889866/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/775889866/?random=1585255511718&cv=9&fst=1585255511718&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbe413299bc1dd45fb3a994d0b247a86be4e0cf07f222a25b0efb0fe25a26d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/775889866/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/775889866/?random=1585255511719&cv=9&fst=1585255511719&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f02dfbd958ef5f720faf4e703cec871f1d3c3875baa095da3a28c33461238d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=UTF-8
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 1173
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 367926703659369 Show response
connect.facebook.net/signals/config/ 447 KB
113 KB 71ms
70ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/367926703659369?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d556b8c2737a33a32e0e1b0f0d0bffab4eae012cd85c3b1fdd5243b5aa3ee277

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: y1pxsPShF0C6F3L9Egt7mSOTWB8sOyWwgAORTNob5WUhMgiIsPIEk7lFsW4WEC6XKR33GBR8zlG21jnvFOKUYA==
x-fb-trip-id: 1850256238
date: Thu, 26 Mar 2020 20:45:11 GMT, Thu, 26 Mar 2020 20:45:11 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
94 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26043161&Ver=2&mid=2e4c0351-6cae-38e4-2f55-ea6503157ec4&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In%20%7C%20TaxBandits&p=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&r=&lt=1685&evt=pageLoad&msclkid=N&rn=807140
Requested by: Host: secure.taxbandits.com
URL: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 4C85AB4FED4546BDBCDD92C425E508BA Ref B: FRAEDGE0907 Ref C: 2020-03-26T20:45:11Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 29ms
28ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5857967&Ver=2&mid=f83394ff-26bb-4828-60fb-455637816740&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sign%20In%20%7C%20TaxBandits&p=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&r=&lt=1685&evt=pageLoad&msclkid=N&rn=169861
Requested by: Host: secure.taxbandits.com
URL: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

status: 204
pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: D409AB05BF8A4D35A39FF78C00B4FACF Ref B: FRAEDGE0907 Ref C: 2020-03-26T20:45:11Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 158ms
132ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o31it&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=0
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Thu, 26 Mar 2020 20:45:11 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 66b3de0acfa2f0aff0a19bde9da50473
x-transaction: 0037b0fa00e59fb7
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/775889866/ 42 B
115 B 25ms
25ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/775889866/?random=1585255511718&cv=9&fst=1585252800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&async=1&fmt=3&is_vtc=1&random=2827523418&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/775889866/ 42 B
110 B 19ms
19ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/775889866/?random=1585255511718&cv=9&fst=1585252800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&async=1&fmt=3&is_vtc=1&random=2827523418&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/775889866/ 42 B
270 B 22ms
21ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/775889866/?random=1585255511719&cv=9&fst=1585252800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&async=1&fmt=3&is_vtc=1&random=59674274&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/775889866/ 42 B
110 B 31ms
30ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/775889866/?random=1585255511719&cv=9&fst=1585252800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&async=1&fmt=3&is_vtc=1&random=59674274&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/829401936/ 42 B
115 B 26ms
26ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/829401936/?random=1585255511716&cv=9&fst=1585252800000&num=1&label=ulycCMCdsXkQ0Na-iwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&async=1&fmt=3&is_vtc=1&random=2129340865&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/829401936/ 42 B
110 B 20ms
20ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/829401936/?random=1585255511716&cv=9&fst=1585252800000&num=1&label=ulycCMCdsXkQ0Na-iwM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg3i0&sendb=1&frm=0&url=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&tiba=Sign%20In%20%7C%20TaxBandits&async=1&fmt=3&is_vtc=1&random=2129340865&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Thu, 26 Mar 2020 20:45:11 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.google-analytics.com/gtm/ 63 KB
24 KB 39ms
39ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-WG6D2G2&t=gtm3&cid=178362723.1585255512

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7d9b85386272e4814ffbe75902e98d8ff50012195bb7575a3e87eeecbee6eacd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length: 24232
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Mar 2020 20:45:11 GMT

GET
H2 200 747381055671361 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 81ms
81ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/747381055671361?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

77d03d2b4017c2b74cf030cb5dd186322770ac0364e017d658b6487e20b7efed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: BRdEhygt8tkhEN7rhugVlA77VNaI9CdHJEKCAyBydNd9jqvRzI+1qomourMwYcV58MPwMd5stX9dIOSkZFAhSA==
x-fb-trip-id: 1850256238
date: Thu, 26 Mar 2020 20:45:11 GMT, Thu, 26 Mar 2020 20:45:11 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
256 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367926703659369&ev=PageView&dl=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&rl=&if=false&ts=1585255511832&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585255511831.26908949&it=1585255511726&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT, Thu, 26 Mar 2020 20:45:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 26 Mar 2020 20:45:11 GMT

GET
H2 200 modules.17c97750a9d093b794df.js Show response
script.hotjar.com/ 366 KB
69 KB 69ms
23ms Script
application/javascript 147.75.32.99
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.hotjar.com/modules.17c97750a9d093b794df.js
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-412938.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.32.99 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress12
Software: /
Resource Hash: 0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT
content-encoding: br
content-type: application/javascript
age: 34186
status: 200
section-io-cache: Hit
content-length: 70645
last-modified: Thu, 26 Mar 2020 11:12:31 GMT
etag: "3a5a4807e54283bcadc4388cb084ad93"
vary: Accept-Encoding
section-io-origin-status: 200
access-control-allow-origin: *
cache-control: max-age=31536000
section-io-origin-time-seconds: 0.024
accept-ranges: bytes
section-io-id: 2b2fd6e32f3ab3c91a30753dd39a479f
section-origin-responded: true

GET
H2 200 box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame D6CB 0
0 70ms
21ms Document
text/html 147.75.102.239
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-412938.js?sv=7
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 147.75.102.239 Central, Hong Kong, ASN54825 (PACKET, US),
Reverse DNS: pkt-ams-k2-shared-ingress2
Software: /
Resource Hash

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest: iframe
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: iframe
Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681

Response headers

status: 200
date: Thu, 26 Mar 2020 20:45:12 GMT
content-type: text/html
content-length: 851
last-modified: Wed, 25 Mar 2020 15:18:29 GMT
etag: "d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control: max-age=31536000
content-encoding: br
section-io-origin-status: 200
section-io-origin-time-seconds: 0.093
section-origin-responded: true
age: 53558
vary: Accept-Encoding
section-io-cache: Hit
accept-ranges: bytes
section-io-id: 784077ad328775bf6cf9b905f9315b47

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=747381055671361&ev=PageView&dl=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&rl=&if=false&ts=1585255511934&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1585255511831.26908949&it=1585255511726&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:45:11 GMT, Thu, 26 Mar 2020 20:45:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 26 Mar 2020 20:45:11 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
651 B 172ms
139ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=o31it&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
x-response-time: 123
pragma: no-cache
last-modified: Thu, 26 Mar 2020 20:45:12 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: fc652b264b415cdb77ff2e8df803588f
x-transaction: 007d01360086679b
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C3EB 8 KB
805 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 20:45:12 GMT
server: ESF
date: Thu, 26 Mar 2020 20:45:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 20:45:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 61A9 8 KB
759 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 20:45:12 GMT
server: ESF
date: Thu, 26 Mar 2020 20:45:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 20:45:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4330 8 KB
759 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 20:45:12 GMT
server: ESF
date: Thu, 26 Mar 2020 20:45:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 20:45:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E71B 8 KB
759 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 26 Mar 2020 20:45:12 GMT
server: ESF
date: Thu, 26 Mar 2020 20:45:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 26 Mar 2020 20:45:12 GMT

GET
H2 200 emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame E71B 192 B
315 B 93ms
93ms Stylesheet
text/css 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/assets/css/emojione.min.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12921438
cf-ray: 57a3b6c86be61772-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21037-AMS, cache-fra19142-FRA
server: cloudflare
etag: W/"c0-akPwBVON2fKdb1Kdc8vjvcdyWY0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame E71B 295 KB
36 KB 97ms
96ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 12921439
cf-ray: 57a3b6c86bea1772-FRA
x-cache: HIT, HIT
status: 200
vary: Accept-Encoding
x-served-by: cache-ams21034-AMS, cache-hhn4075-HHN
server: cloudflare
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *

POST
H2 200 1585255512310 Show response
va.tawk.to/register/ 777 B
913 B 309ms
309ms XHR
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/register/1585255512310

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dea32e3db21579cc45584d3a3fe6dd9bb3faa22224455d7a3147aa4b6fc79781

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
p3p: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
status: 200
vary: Accept-Encoding
x-served-by: visitor-application-preemptive-wwf1
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: https://secure.taxbandits.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 57a3b6c86f3797fc-FRA
access-control-allow-headers: origin, content-type

GET
H2 200 tawk-widget.woff2
static-v.tawk.to/a-v3/fonts/ Frame 4330 3 KB
3 KB 203ms
202ms Font
application/font-woff2 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static-v.tawk.to/a-v3/fonts/tawk-widget.woff2?yh9epr

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
status: 200
strict-transport-security: max-age=0; includeSubDomains; preload
content-length: 2744
pragma: public
last-modified: Mon, 15 Jul 2019 17:37:05 GMT
server: cloudflare
etag: "5d2cb9c1-ab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=315360000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 57a3b6ca6c471f25-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
vsa15.tawk.to/s/ 101 B
361 B 345ms
263ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vsa15.tawk.to/s/?k=5e7d1458a51aac8a27fa5d28&u=fo1VTAkSWbf6%2FQ%2F3x4kOI8dJyQaolwNvive6gOo1l32ND91%2FPn1gznChExAkXqL%2B&uv=2&a=5e307926daaca76c6fd0491b&cver=0&pop=false&w=sz3k1s&jv=682&asver=2969&ust=false&p=Sign%20In%20%7C%20TaxBandits&r=&EIO=3&transport=polling&__t=N4Obter

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53c0e5fea82460863fa7cd2650781eb755105c9e03edebb5cca15d160aa14b4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secure.taxbandits.com
access-control-allow-credentials: true
cf-ray: 57a3b6caeaaf1f29-FRA
content-length: 101

GET
H2 200 26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame E71B 413 B
569 B 84ms
84ms Image
image/png 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.jsdelivr.net/emojione/assets/png/26a1.png?v=2.2.7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:45:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4192036
cf-ray: 57a3b6ca68f41772-FRA
x-cache: HIT
status: 200
vary: Accept-Encoding
content-length: 413
x-served-by: cache-fra19182-FRA
server: cloudflare
etag: W/"19d-NgetWBBUGNU0Su9xItAjaREfnb0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 / Show response
vsa15.tawk.to/s/ 706 B
893 B 242ms
241ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

362937c24958c026388c4821a63a659304f01197b4fbfc8d49770f248e41f77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 20:45:13 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secure.taxbandits.com
access-control-allow-credentials: true
cf-ray: 57a3b6cc9f541f29-FRA
content-length: 706

POST
H2 200 v3 Show response
va.tawk.to/log-performance/ 5 B
222 B 215ms
215ms XHR
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Thu, 26 Mar 2020 20:45:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
status: 200
vary: Accept-Encoding
x-served-by: visitor-application-preemptive-h268
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
access-control-allow-methods: POST
content-type: text/html; charset=utf-8
access-control-allow-origin: https://secure.taxbandits.com
access-control-allow-credentials: true
cf-ray: 57a3b6ce1e7397fc-FRA
access-control-allow-headers: origin, content-type

GET
H2 200 / Show response
vsa15.tawk.to/s/ 4 B
86 B 968ms
967ms XHR
application/octet-stream 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/5e307926daaca76c6fd0491b/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
Origin: https://secure.taxbandits.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 26 Mar 2020 20:45:14 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0; includeSubDomains; preload
content-type: application/octet-stream
access-control-allow-origin: https://secure.taxbandits.com
access-control-allow-credentials: true
cf-ray: 57a3b6ce1bc71f29-FRA
content-length: 4

GET
H2 200 /
www.facebook.com/tr/ 44 B
255 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=367926703659369&ev=Microdata&dl=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&rl=&if=false&ts=1585255513335&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20In%20%7C%20TaxBandits%22%2C%22meta%3Adescription%22%3A%22E-file%20your%201099%20series%2C%20W-2%2C%20or%20ACA%20forms%201095%2C%20corrections%2C%20extension%20Form%208809%2C%20Form%20W-9%20with%20the%20IRS%20and%20your%20state.%20TaxBandits%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1585255513334.786577037&it=1585255511726&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:45:13 GMT, Thu, 26 Mar 2020 20:45:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 26 Mar 2020 20:45:13 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
106 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=747381055671361&ev=Microdata&dl=https%3A%2F%2Fsecure.taxbandits.com%2F%3Fref%3Detf_signin%26_ga%3D2.178756068.1157792362.1585056175-2129591745.1572897951%26utm_source%3DExpressExtension%2BUsers%26utm_campaign%3D769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30%26utm_medium%3Demail%26utm_term%3D0_4a0a0695d8-769d53049d-216718681&rl=&if=false&ts=1585255513436&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sign%20In%20%7C%20TaxBandits%22%2C%22meta%3Adescription%22%3A%22E-file%20your%201099%20series%2C%20W-2%2C%20or%20ACA%20forms%201095%2C%20corrections%2C%20extension%20Form%208809%2C%20Form%20W-9%20with%20the%20IRS%20and%20your%20state.%20TaxBandits%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1585255513334.786577037&it=1585255511726&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://secure.taxbandits.com/?ref=etf_signin&_ga=2.178756068.1157792362.1585056175-2129591745.1572897951&utm_source=ExpressExtension+Users&utm_campaign=769d53049d-EMAIL_CAMPAIGN_2020_03_26_02_30&utm_medium=email&utm_term=0_4a0a0695d8-769d53049d-216718681
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Thu, 26 Mar 2020 20:45:13 GMT, Thu, 26 Mar 2020 20:45:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-27=":443"; ma=3600
content-length: 44
expires: Thu, 26 Mar 2020 20:45:13 GMT

Verdicts & Comments Add Verdict or Comment

165 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taxbandits.com/	1970-01-19 16:53:33	Name: _hjid Value: a13be047-5280-4338-9310-fec2b2c71859
.taxbandits.com/	1970-01-19 10:30:31	Name: _fbp Value: fb.1.1585255511831.26908949
.secure.taxbandits.com/	1970-01-19 08:22:21	Name: _gid Value: GA1.3.1149852228.1585255512
secure.taxbandits.com/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 1585255512410
.secure.taxbandits.com/	1970-01-19 08:20:55	Name: _gat_UA-10955269-38 Value: 1
secure.taxbandits.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: boix2wmr0iwhny02z0wowcjh
.secure.taxbandits.com/	1970-01-20 01:52:07	Name: _ga Value: GA1.3.178362723.1585255512
.taxbandits.com/	1970-01-19 10:30:31	Name: _gcl_au Value: 1.1.1824762152.1585255512

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://secure.taxbandits.com/Scripts/jquery-migrate-3.1.0.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.1.0
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 367926703659369.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
bat.bing.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
d7i0gxyscl483.cloudfront.net
embed.tawk.to
expressextension.us3.list-manage.com
fonts.googleapis.com
googleads.g.doubleclick.net
script.hotjar.com
secure.taxbandits.com
static-v.tawk.to
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
va.tawk.to
vars.hotjar.com
vsa15.tawk.to
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.244.42.3
104.244.42.69
129.213.142.160
13.227.157.152
147.75.100.69
147.75.102.239
147.75.32.99
151.101.12.157
2.19.114.64
216.58.210.2
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700::6810:5814
2606:4700::6811:4004
2620:1ec:c11::200
2a00:1450:4001:800::2003
2a00:1450:4001:800::200e
2a00:1450:4001:806::2004
2a00:1450:4001:80b::200a
2a00:1450:4001:818::2002
2a00:1450:4001:81d::2008
2a00:1450:400c:c07::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
0233f3347037a4ccead26dd9ee13c9635db56111b286e825188b279988ba7de2
0d0cbd713d59b1214b24864c2d86699c88d951162983b8e20011a8738be20589
0e7854393ea62ff094c06e6600d985d98a35d1e34ee60a368e585b8cb29d2d12
0f9b6f33f064f378e7f390a41dd5f22adecbc56a8d40c6e219a086f5f4ef1f16
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11fc360b607a4b85665762cb8c38a07807908e9e415cd55b964e7be841f7c91f
129f6edb23e179d932742ab237a653217bcf747da133f42d7879fe20a91fc0f5
17b1fec86f2799119ad9051477be641fcc40e0c86a09f7c49c4d1b93ac556869
21bd20c236564b77d07d187b68a92281df7715acb8bdbe7241c0546d415d2abe
2685392030e3caa7ae5bb791d701581b44e635be559ad1e88a5a5edbb4f98bc7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
362937c24958c026388c4821a63a659304f01197b4fbfc8d49770f248e41f77f
36807c6834ae551f148d0a4aec3304fc59ba1200a8d2c123f327def2623e0dfb
3e408d8ee7292025667852fd6b0712cf66513d759a0ad505e217beb81f4492ce
488ea2830586498499e012f281a62e8eb1501cc8546aac6e86a9248ae92d4154
4fb98e778ecf8c15d92e6877f6acfff6dac74cded293cece1cca3e24193e0f6a
5061f7e6a48733d2f2a04a97215563e2aa56bd305ce6af732fa2a68febceda84
519edf0dc00972d9a811c5e60b94cf719b30351a8dfe62f38fab8d4b5182558b
53c0e5fea82460863fa7cd2650781eb755105c9e03edebb5cca15d160aa14b4f
579282b595e33fc9be10b005e5330ed5979cfb2aa12e4a17fd43ee51d508a231
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5ed1cd8a361e17a0ac2050126dd9125260343597effeccba62a6e84eeb13c79e
655d22f1e57a210e92020f519df7648ed54b9ec2624b14a34912fa567f84c215
69a567327a2b986766ce4907452afeb57f69a067686d66e3197706bafe016b2f
7028fb3c3436dafbf5db8a57dccba8398de00eb51f993eb10b8753202cb77d74
757366647f78270ef21d5667b40231aefebd041c0a9267aa45bde406ef30fb63
77d03d2b4017c2b74cf030cb5dd186322770ac0364e017d658b6487e20b7efed
7d9b85386272e4814ffbe75902e98d8ff50012195bb7575a3e87eeecbee6eacd
7ea54b2b0edad18bb15cf91a2b0a959c30dec9b21d050114cf6ff1da2fba9849
83e365984650e7bcbdf3bd8a386854726be573b275e852e48c1227b43bb42dac
83e98c5fe8e293fccfd7cbd803d93296706e84ccbf77550137062b14579ecfd2
8f02dfbd958ef5f720faf4e703cec871f1d3c3875baa095da3a28c33461238d0
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
951250ebde16d7ac4f75e7c870cfaeed33fb6ba9fa910976c37e154e9710eaff
97b593b02b8bdf7f6d056f722ed3d0ef612534417b995c313a5f5f81304db4ce
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
9f6e599ee759753214a54335ee603154c43ae0240d791211695ca29bd317a05b
9f8144ae6f866129aea41bbf694b0c858ef9352a139969e57cd8db73385f52c3
a9a2f1dd042cb6f1eded53dc0a1c66ed8694fc093dc3520cdac1a541d615d474
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8af7cdaafe06cf4c0b23814cc7f50c3e48dfd964367c9a805f635b0c28ab5e
af9e9d779b4a7c5a3b055353c754479c00419a366c86534609740dd8385861c0
b44ffd171a2d61f9b9cc9c0025a83ca3f9499a80df1aa18cd0b700da3501ad34
bbe413299bc1dd45fb3a994d0b247a86be4e0cf07f222a25b0efb0fe25a26d4e
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
c41fea1fc26f2a0111d2076e47813102050dba2120bc1e3d945f50c5a1d96980
c5b1ef448841c8a0f34532d4be5f5656d9eb4eea66e04755c0b64f2662d35eed
c6c75617f26fef298699c4bc09793ce8dfc1ab9ee265cd6a5275d528c259e229
cc785971257177efefe0400ae53a928b2d34a4302f05c37b0e05d802838157e2
d34c7dfb31a485518c27a55eb41e6109e25f1c5c053b9a0936ff96af22199489
d3fb385aad2757e720c0e49ca0b807172ff255ad2dc2bf4b1998e632297800a9
d556b8c2737a33a32e0e1b0f0d0bffab4eae012cd85c3b1fdd5243b5aa3ee277
d82e4a5526fe1bf9fb16cc1bb09113702cb36c208c76176eb95531eb842be4a3
dea32e3db21579cc45584d3a3fe6dd9bb3faa22224455d7a3147aa4b6fc79781
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ef18844057c484349306adbb61de588430d4d858c9e5f44330faa66f45389d
f1677a7e16a9aad753b579d590ccf3f18f83704170ee74446b3008af9f5cc834
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

secure.taxbandits.com Open in urlscan Pro 129.213.142.160 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

100 %HTTPS

58 %IPv6

20 Domains

26 Subdomains

22 IPs

7 Countries

1295 kBTransfer

4164 kBSize

8 Cookies

2 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

secure.taxbandits.com Open in urlscan Pro
129.213.142.160 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

100 %
HTTPS

58 %
IPv6

20
Domains

26
Subdomains

22
IPs

7
Countries

1295 kB
Transfer

4164 kB
Size

8
Cookies

76 HTTP transactions
0 data transactions