devclient.mycase.tax Open in urlscan Pro
2620:0:890::100  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response devclient.mycase.tax/	2 KB 953 B	201ms 33ms	Document text/html	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://devclient.mycase.tax/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 0bc8d2cf19b61da35d5eab2b14a8d323704a3ace39b5134f11c28e14c66e5d98 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 cache-control max-age=3600 content-encoding br content-length 609 content-type text/html; charset=utf-8 date Fri, 20 Dec 2024 13:07:26 GMT etag "aea4c82c7465aa01c22d29981a403f4f1d893669e831cb21c1826498b1e71d76-br" last-modified Thu, 19 Dec 2024 11:39:51 GMT strict-transport-security max-age=31556926 vary x-fh-requested-host, accept-encoding x-cache HIT x-cache-hits 0 x-served-by cache-mad2200128-MAD x-timer S1734700046.139211,VS0,VE1
GET H3	200	html2pdf.bundle.min.js Show response cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.2/	469 KB 111 KB	46ms 15ms	Script application/javascript	104.17.24.14 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/html2pdf.js/0.9.2/html2pdf.bundle.min.js Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/ Protocol H3 Security QUIC, , AES_128_GCM Server 104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d5460fd37426f0da49b5542377a393c13f438df82c62b35af30d6ccd1c417aa4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers cf-cdnjs-via cfworker/kv content-encoding br cf-cache-status HIT etag "5eb03e9d-7555a" age 1765421 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6OiudmyxmHqPdavj4zrmW2t%2BFtg4AmtLrpYvWuTZL%2B6SoiMnYVHl8SQUglMKPHdWYcAIUWK8NHmQKvrNH1kN3ZWCsCBURSqOFNcW0XYxeAxF8i9j1fASGDxVcHHlu50wzgP1HwMm"}],"group":"cf-nel","max_age":604800} x-content-type-options nosniff expires Wed, 10 Dec 2025 13:07:26 GMT alt-svc h3=":443"; ma=86400 server-timing cfExtPri date Fri, 20 Dec 2024 13:07:26 GMT content-type application/javascript; charset=utf-8 last-modified Mon, 04 May 2020 16:11:09 GMT vary Accept-Encoding priority u=1,i=?0 strict-transport-security max-age=15780000 cache-control public, max-age=30672000 timing-allow-origin * nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} cross-origin-resource-policy cross-origin cf-ray 8f4fdaf92ad5d26e-FRA accept-ranges bytes access-control-allow-origin * content-length 112878 server cloudflare
GET H2	200	index-CbT4vKKQ.js Show response devclient.mycase.tax/assets/	2 MB 395 KB	37ms 36ms	Script text/javascript	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 97e14572ac263e42434bd0719a7a6574584e472dbe362f771df1adbf4b1b3854 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://devclient.mycase.tax Referer https://devclient.mycase.tax/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "2fdc8f860b589507745e932a72fc17d60e6c4ad59c0e662e056b8a35cd168b98-br" x-timer S1734700046.246595,VS0,VE1 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT content-length 403632 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/javascript; charset=utf-8 last-modified Thu, 19 Dec 2024 11:39:51 GMT x-served-by cache-mad2200128-MAD x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H2	200	index-BgviAFSw.css devclient.mycase.tax/assets/	100 KB 15 KB	37ms 37ms	Stylesheet text/css	2620:0:890::100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://devclient.mycase.tax/assets/index-BgviAFSw.css Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2620:0:890::100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5f4d22080260a3b40a6aae2590e522e76680a5c227d4929779f77c1655347353 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://devclient.mycase.tax Referer https://devclient.mycase.tax/ Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "c3cfd8b1487a13fc440ae9d2adaa0e8b7ccfb149904ab3b68f465d8dd92ad01e-br" x-timer S1734700046.246612,VS0,VE1 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT content-length 15409 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 last-modified Thu, 19 Dec 2024 11:39:51 GMT x-served-by cache-mad2200128-MAD x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H2	200	css2 fonts.googleapis.com/	4 KB 1 KB	64ms 28ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-BgviAFSw.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f5deaa08385f12421f8f1bc7f60104fb8f84674b40d54f3fd7672a0f67bf708f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 12:21:34 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	23 KB 2 KB	66ms 31ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;500;600;700&display=swap Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-BgviAFSw.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash f41df713969f37c69d521da6b2fecb5a39dda4adf6b1fdf52079556e81eef4fa Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 12:07:12 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	10 KB 844 B	64ms 29ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-BgviAFSw.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dae65e43ce0ffcb9722f0ac5dc5a774548f0134883a1e046b981aed48b69dfa4 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:01:01 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	client Show response accounts.google.com/gsi/	227 KB 86 KB	86ms 31ms	Script application/javascript	2a00:1450:400c:c00::54 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://accounts.google.com/gsi/client Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::54 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 92bbc149c46452921a27e0fd6f9af07561f50ba32a0725332d3f1a4d1cab661f Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tpukAXw9hdqFqyYN-Wx4kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-security-policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-tpukAXw9hdqFqyYN-Wx4kQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http cache-control private, max-age=1800 content-encoding gzip cross-origin-resource-policy cross-origin report-to {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]} x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cross-origin-opener-policy-report-only same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1" date Fri, 20 Dec 2024 13:07:26 GMT x-xss-protection 0 content-type application/javascript; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site server ESF x-frame-options SAMEORIGIN
GET H3	200	UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 fonts.gstatic.com/s/inter/v18/	47 KB 47 KB	47ms 18ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;500;600;700&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://devclient.mycase.tax Referer https://fonts.googleapis.com/ Response headers age 94368 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Fri, 19 Dec 2025 10:54:38 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Thu, 19 Dec 2024 10:54:38 GMT last-modified Mon, 29 Jul 2024 22:51:01 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 48444 x-xss-protection 0 server sffe
GET H2	200	icon fonts.googleapis.com/	569 B 417 B	29ms 27ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/icon?family=Material+Icons Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:07:26 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.sandbox.google.com/	704 B 915 B	585ms 507ms	Stylesheet text/css	2a00:1450:400c:c0c::451 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.sandbox.google.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0 Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c0c::451 Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fb1bdcc6489c068c411a5968a7b82f5dddda8e272ca81a0f7027c0345a0da544 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:27 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:27 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:07:27 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	696 B 538 B	28ms 26ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@48,400,0,0 Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash dade0cb2438796c022edd04afbeb35d51b7616909c1ba37e42a2b9fd6935052c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:07:26 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	691 B 511 B	38ms 36ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Material+Symbols+Rounded:opsz,wght,FILL,GRAD@48,400,1,0 Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 78b70246a5bf7739aed335d683b57c996a74129e90c7f47fb779b59b1091ee87 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:07:26 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	691 B 620 B	38ms 36ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Material+Symbols+Rounded:opsz,wght,FILL,GRAD@48,400,0,0 Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c486761ac118bd445fd92126848d8f2e95de17ead0420abc9ae2137c6e0471bf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:07:26 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	css2 fonts.googleapis.com/	696 B 514 B	38ms 37ms	Stylesheet text/css	2a00:1450:4001:801::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0 Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/assets/index-CbT4vKKQ.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 4db2b7b738792bf0c7e6a6928e21d510b2389447a2cfeeee70e98fb988ef795a Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding gzip x-content-type-options nosniff expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type text/css; charset=utf-8 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site last-modified Fri, 20 Dec 2024 13:07:26 GMT x-frame-options SAMEORIGIN strict-transport-security max-age=31536000 link <https://fonts.gstatic.com>; rel=preconnect; crossorigin cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups cross-origin-resource-policy cross-origin access-control-allow-origin * x-xss-protection 0 server ESF
GET H2	200	gtm.js Show response www.googletagmanager.com/	206 KB 73 KB	81ms 34ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-P44P9W2 Requested by Host: devclient.mycase.tax URL: https://devclient.mycase.tax/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 91ddea91afdbe969c7c1b04363353a8bb86fa6a85930c2c262c04dd07a7b0e82 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],} expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding last-modified Fri, 20 Dec 2024 12:00:00 GMT access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 74456 x-xss-protection 0 server Google Tag Manager
GET H3	200	base_v2-COz7G6M4.png devclient.mycase.tax/assets/	14 KB 15 KB	43ms 42ms	Image image/png	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://devclient.mycase.tax/assets/base_v2-COz7G6M4.png Protocol H3 Security QUIC, , AES_256_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 8b6adb50d47c763951200833c00eea9efea55f05cbfa668ac12313685db79c2e Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/login Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 etag "88fef63c9482f37faac492c44c4dba44f6d283df8b07d3ab7bb3edefcca2ccef" x-timer S1734700047.769048,VS0,VE1 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT content-length 14779 date Fri, 20 Dec 2024 13:07:26 GMT content-type image/png last-modified Thu, 19 Dec 2024 11:39:51 GMT x-served-by cache-mad2200137-MAD x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H3	200	login_hero-BI_iplDf.png devclient.mycase.tax/assets/	975 KB 975 KB	44ms 43ms	Image image/png	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://devclient.mycase.tax/assets/login_hero-BI_iplDf.png Protocol H3 Security QUIC, , AES_256_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 11dc212207b7b9b979fd13414c5b656053a55ee9f1932a4fc259cabbde163598 Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/login Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 etag "542ddd9a756178128beb28dc9a8b492f10ffe47d502d054dc5b83f956b4d0d73" x-timer S1734700047.769662,VS0,VE1 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT content-length 998274 date Fri, 20 Dec 2024 13:07:26 GMT content-type image/png last-modified Thu, 19 Dec 2024 11:39:51 GMT x-served-by cache-mad2200137-MAD x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H3	200	favicon.ico devclient.mycase.tax/	15 KB 3 KB	40ms 40ms	Other image/x-icon	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://devclient.mycase.tax/favicon.ico Protocol H3 Security QUIC, , AES_256_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 77a2a526f0aa61de6894b8e5d903dc8d473883474bf561e021f54c653d72445b Security Headers Name Value Strict-Transport-Security max-age=31556926 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/login Response headers strict-transport-security max-age=31556926 cache-control max-age=3600 content-encoding br etag "528cdaea1124cfb216bd584e9cfab3071d47af6137d3e7c90310a77170736d14-br" x-timer S1734700047.769415,VS0,VE1 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT content-length 2417 date Fri, 20 Dec 2024 13:07:26 GMT content-type image/x-icon last-modified Thu, 19 Dec 2024 11:39:51 GMT x-served-by cache-mad2200137-MAD x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H3	200	favicon.ico devclient.mycase.tax/	15 KB 0	45ms 45ms	Other image/x-icon	199.36.158.100 FASTLY
General Check archive.org Show headers Download Go to Full URL https://devclient.mycase.tax/favicon.ico Protocol H3 Security QUIC, , AES_256_GCM Server 199.36.158.100 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 77a2a526f0aa61de6894b8e5d903dc8d473883474bf561e021f54c653d72445b Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/login Response headers cache-control max-age=3600 content-encoding br etag "528cdaea1124cfb216bd584e9cfab3071d47af6137d3e7c90310a77170736d14-br" x-timer S1734700047.769415,VS0,VE1 accept-ranges bytes alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT content-length 2417 date Fri, 20 Dec 2024 13:07:26 GMT content-type image/x-icon last-modified Thu, 19 Dec 2024 11:39:51 GMT x-served-by cache-mad2200137-MAD x-cache-hits 0 vary x-fh-requested-host, accept-encoding
GET H3	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v29/	37 KB 37 KB	57ms 37ms	Font font/woff2	142.250.185.163 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500&display=swap Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.163 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f3.1e100.net Software sffe / Resource Hash fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Origin https://devclient.mycase.tax Referer https://fonts.googleapis.com/ Response headers age 194580 report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} x-content-type-options nosniff expires Thu, 18 Dec 2025 07:04:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 18 Dec 2024 07:04:26 GMT last-modified Wed, 06 Nov 2024 17:30:37 GMT content-type font/woff2 cache-control public, max-age=31536000 timing-allow-origin * cross-origin-opener-policy same-origin; report-to="apps-themes" cross-origin-resource-policy cross-origin content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes accept-ranges bytes access-control-allow-origin * content-length 37828 x-xss-protection 0 server sffe
GET H2	200	js Show response www.googletagmanager.com/gtag/	317 KB 106 KB	42ms 41ms	Script application/javascript	2a00:1450:4001:830::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-PC8M7JJX30&l=dataLayer&cx=c&gtm=45He4cc1v896213038za200 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-P44P9W2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 16707e4f07f1f4bf0ca907b7acf535c16fa8065881b252da180cb0ff0dd5febb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Fri, 20 Dec 2024 13:07:26 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:26 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 108400 x-xss-protection 0 server Google Tag Manager
POST H2	204	collect region1.google-analytics.com/g/	0 0	52ms 21ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-PC8M7JJX30&gtm=45je4cc1v896222354z8896213038za200zb896213038&_p=1734700046744&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102081485~102198178&cid=664311569.1734700047&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1734700046&sct=1&seg=0&dl=https%3A%2F%2Fdevclient.mycase.tax%2Flogin&dt=MyCase&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1014 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-PC8M7JJX30&l=dataLayer&cx=c&gtm=45He4cc1v896213038za200 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://devclient.mycase.tax/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://devclient.mycase.tax cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Fri, 20 Dec 2024 13:07:27 GMT content-type text/plain server Golfe2

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ChoiceField function| ListBox function| ComboBox function| EditBox function| Button function| PushButton function| RadioButton function| CheckBox function| TextField function| PasswordField object| AcroForm function| _jzlib_Deflater function| Deflater function| RGBColor function| PNG function| html2pdf string| __reactRouterVersion object| dataLayer object| google_tag_manager object| google_tag_data object| default_gsi object| _F_toggles object| google function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.mycase.tax/	1970-01-21 11:27:40	Name: _ga Value: GA1.1.664311569.1734700047
			.mycase.tax/	1970-01-21 11:27:40	Name: _ga_PC8M7JJX30 Value: GS1.1.1734700046.1.0.1734700046.0.0.0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://devclient.mycase.tax/login Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
cdnjs.cloudflare.com
devclient.mycase.tax
fonts.googleapis.com
fonts.gstatic.com
fonts.sandbox.google.com
region1.google-analytics.com
www.googletagmanager.com
104.17.24.14
142.250.185.163
199.36.158.100
2001:4860:4802:34::36
2620:0:890::100
2a00:1450:4001:801::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c00::54
2a00:1450:400c:c0c::451
0bc8d2cf19b61da35d5eab2b14a8d323704a3ace39b5134f11c28e14c66e5d98
11dc212207b7b9b979fd13414c5b656053a55ee9f1932a4fc259cabbde163598
16707e4f07f1f4bf0ca907b7acf535c16fa8065881b252da180cb0ff0dd5febb
36b2057eb5eef261a2cbb8c149dcf3a11edaa15ccd8e3d462eb34999f5ff8f2a
4db2b7b738792bf0c7e6a6928e21d510b2389447a2cfeeee70e98fb988ef795a
5f4d22080260a3b40a6aae2590e522e76680a5c227d4929779f77c1655347353
77a2a526f0aa61de6894b8e5d903dc8d473883474bf561e021f54c653d72445b
78b70246a5bf7739aed335d683b57c996a74129e90c7f47fb779b59b1091ee87
8b6adb50d47c763951200833c00eea9efea55f05cbfa668ac12313685db79c2e
91ddea91afdbe969c7c1b04363353a8bb86fa6a85930c2c262c04dd07a7b0e82
92bbc149c46452921a27e0fd6f9af07561f50ba32a0725332d3f1a4d1cab661f
97e14572ac263e42434bd0719a7a6574584e472dbe362f771df1adbf4b1b3854
c486761ac118bd445fd92126848d8f2e95de17ead0420abc9ae2137c6e0471bf
d5460fd37426f0da49b5542377a393c13f438df82c62b35af30d6ccd1c417aa4
dade0cb2438796c022edd04afbeb35d51b7616909c1ba37e42a2b9fd6935052c
dae65e43ce0ffcb9722f0ac5dc5a774548f0134883a1e046b981aed48b69dfa4
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f41df713969f37c69d521da6b2fecb5a39dda4adf6b1fdf52079556e81eef4fa
f5deaa08385f12421f8f1bc7f60104fb8f84674b40d54f3fd7672a0f67bf708f
fb1bdcc6489c068c411a5968a7b82f5dddda8e272ca81a0f7027c0345a0da544
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1