urlscan.io logo urlscan.io
SecurityTrails logo

retirementtaxbill.com Open in urlscan Pro
3.142.201.129  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.mg.lirplan.com/c/eJwdjstqAjEUQL9mshwyuea1yKIoDrXQoqLSlWSSqxMm8zCTUtuvrxbO7sDhuHPwZmIbQbf2Y7XB5e17B8fb-yeJo3u6Zl...
Effective URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Submission: On October 28 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 9 domains to perform 24 HTTP transactions. The main IP is 3.142.201.129, located in Columbus, United States and belongs to AMAZON-02, US. The main domain is retirementtaxbill.com.
TLS certificate: Issued by R3 on September 24th 2022. Valid for: 3 months.
This is the only time retirementtaxbill.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.127.83.42 396982 (GOOGLE-CL...)
1 7 3.142.201.129 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 162.159.128.61 13335 (CLOUDFLAR...)
1 3.18.201.9 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 151.101.114.109 54113 (FASTLY)
2 52.217.142.176 16509 (AMAZON-02)
2 34.120.202.204 396982 (GOOGLE-CL...)
1 162.159.138.60 13335 (CLOUDFLAR...)
24 10
1    34.127.83.42 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 42.83.127.34.bc.googleusercontent.com
email.mg.lirplan.com
7    3.142.201.129 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-142-201-129.us-east-2.compute.amazonaws.com
retirementtaxbill.com
1    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    162.159.128.61 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
1    3.18.201.9 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-201-9.us-east-2.compute.amazonaws.com
app.stonewoodfinancial.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
f.vimeocdn.com
i.vimeocdn.com
2    52.217.142.176 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
1    162.159.138.60 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
vimeo.com
Apex Domain
Subdomains		 Transfer
9 vimeocdn.com
f.vimeocdn.com — Cisco Umbrella Rank: 2952
i.vimeocdn.com — Cisco Umbrella Rank: 2868
fresnel.vimeocdn.com — Cisco Umbrella Rank: 2874
370 KB
7 retirementtaxbill.com
retirementtaxbill.com
2 MB
2 amazonaws.com
s3.amazonaws.com
32 KB
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 1736
vimeo.com — Cisco Umbrella Rank: 1620
11 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 387
362 KB
1 gstatic.com
fonts.gstatic.com
44 KB
1 stonewoodfinancial.com
app.stonewoodfinancial.com
1 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 36
1 KB
1 lirplan.com
email.mg.lirplan.com
334 B
24 9
Domain Requested by
7 retirementtaxbill.com 1 redirects retirementtaxbill.com
5 f.vimeocdn.com player.vimeo.com
2 fresnel.vimeocdn.com f.vimeocdn.com
2 s3.amazonaws.com
2 i.vimeocdn.com player.vimeo.com
2 cdn.jsdelivr.net retirementtaxbill.com
cdn.jsdelivr.net
1 vimeo.com f.vimeocdn.com
1 fonts.gstatic.com fonts.googleapis.com
1 app.stonewoodfinancial.com retirementtaxbill.com
1 player.vimeo.com retirementtaxbill.com
1 fonts.googleapis.com retirementtaxbill.com
1 email.mg.lirplan.com 1 redirects
24 12

This site contains no links.

Subject Issuer Validity Valid
retirementtaxbill.com
R3		 2022-09-24 -
2022-12-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-02 -
2023-06-01		 a year crt.sh
app.stonewoodfinancial.com
R3		 2022-09-08 -
2022-12-07		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2022 Q2		 2022-05-17 -
2023-06-18		 a year crt.sh
s3.amazonaws.com
Amazon		 2022-04-01 -
2023-03-30		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2022-09-30 -
2022-12-29		 3 months crt.sh
vimeo.com
Cloudflare Inc ECC CA-3		 2022-09-21 -
2023-09-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Frame ID: 78FFC6146968319C00135BD5D36039F9
Requests: 13 HTTP requests in this frame

Frame: https://player.vimeo.com/video/605875159?h=1e06f9d73c
Frame ID: 352834939732FB70BA9007F6F718ED46
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

retirementtaxbill

Page URL History Show full URLs

  1. http://email.mg.lirplan.com/c/eJwdjstqAjEUQL9mshwyuea1yKIoDrXQoqLSlWSSqxMm8zCTUtuvrxbO7sDhuHPwZmIbQbf2Y7... HTTP 302
    http://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09 HTTP 301
    https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

24
Requests

100 %
HTTPS

27 %
IPv6

9
Domains

12
Subdomains

10
IPs

3
Countries

2715 kB
Transfer

4197 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.mg.lirplan.com/c/eJwdjstqAjEUQL9mshwyuea1yKIoDrXQoqLSlWSSqxMm8zCTUtuvrxbO7sDhuHPwZmIbQbf2Y7XB5e17B8fb-yeJo3u6ZlV3cHB5UHD19e6149s7wd6GeM4_E5oxt5hIMIwyVlGmKg2yUqUUzl4sVVRfrNaVLxa0v5YxpCnaoXRjT1qjOCopgbuGStFobgEk041svHNWIyPRtDlPBbwUbP0gYQ4JexxytvcmxPjsPBWsvwpYnbod-NORerqe9xBvvvbz9tC-Hfda-F-qSTI5YEpYutZOE8bHUxrn_xk0lRBCK65AEW84XzAq_wD3bliK HTTP 302
    http://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09 HTTP 301
    https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
retirementtaxbill.com/
Redirect Chain
  • http://email.mg.lirplan.com/c/eJwdjstqAjEUQL9mshwyuea1yKIoDrXQoqLSlWSSqxMm8zCTUtuvrxbO7sDhuHPwZmIbQbf2Y7XB5e17B8fb-yeJo3u6ZlV3cHB5UHD19e6149s7wd6GeM4_E5oxt5hIMIwyVlGmKg2yUqUUzl4sVVRfrNaVLxa0v5YxpCn...
  • http://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
  • https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
1 KB
861 B 		Document
General
Check archive.org
Download Go to
Full URL
https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.201.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-201-129.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
de8172e5c23434d2b711129265edcd09a184499f9437f2ce8823e88326b9b00c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Fri, 28 Oct 2022 21:24:22 GMT
ETag
W/"62d58d5e-4f1"
Last-Modified
Mon, 18 Jul 2022 16:42:06 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Fri, 28 Oct 2022 21:24:22 GMT
Location
https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Server
nginx/1.18.0 (Ubuntu)
css2
fonts.googleapis.com/ 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 28 Oct 2022 21:24:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 28 Oct 2022 21:11:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 28 Oct 2022 21:24:22 GMT
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@5.x/css/ 		268 KB
44 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@5.x/css/materialdesignicons.min.css
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 21:24:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
34082
x-jsd-version
5.9.55
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19179-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"42ee2-CKTXny4oZWgGaKw+ActLLIvSXKE"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7616bceb6a7c9259-FRA
app.c24a21e6.css
retirementtaxbill.com/css/ 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retirementtaxbill.com/css/app.c24a21e6.css
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.201.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-201-129.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9db6c9be78eb6e21cc3c1e6669764a6e018d35be7f540ea525bee3144c0f8f31

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 21:24:22 GMT
Last-Modified
Mon, 18 Jul 2022 16:42:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62d58d58-9ac"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2476
chunk-vendors.525dbdc7.css
retirementtaxbill.com/css/ 		362 KB
362 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://retirementtaxbill.com/css/chunk-vendors.525dbdc7.css
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.201.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-201-129.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c1b29262ce3a043874204e7b17b0537cb9b5d0b6ca57abb2a4e9a23f2591ecad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 21:24:23 GMT
Last-Modified
Mon, 18 Jul 2022 16:42:00 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62d58d58-5a8b0"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
370864
app.2b615a03.js
retirementtaxbill.com/js/ 		32 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retirementtaxbill.com/js/app.2b615a03.js
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.201.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-201-129.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5bfa64d87243615141ec56f1b2b7ec1e14794b3b2d2602a41c9dd84aafe2c91f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 21:24:23 GMT
Last-Modified
Mon, 18 Jul 2022 16:42:03 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62d58d5b-7e0e"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32270
chunk-vendors.96ce5dcd.js
retirementtaxbill.com/js/ 		477 KB
478 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://retirementtaxbill.com/js/chunk-vendors.96ce5dcd.js
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.201.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-201-129.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7a0cd3cd0eeafb8984f6844eee6a9ae2d2a5f37af46167e56d6be4267d9066a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 21:24:23 GMT
Last-Modified
Mon, 18 Jul 2022 16:42:03 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"62d58d5b-775fb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
488955
605875159
player.vimeo.com/video/ Frame 3528 		19 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/605875159?h=1e06f9d73c
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/js/chunk-vendors.96ce5dcd.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.61 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e66dff35c8b8d2f1b5814524159b73a4fe6e4934d4f55017eb0d29262188c95a
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://retirementtaxbill.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
7616bcf2d9fa9b9a-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Fri, 28 Oct 2022 21:24:24 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Cache
MISS
X-Cache-Hits
0
X-Player-Backend
p
X-Served-By
cache-fra-eddf8230120-FRA
X-Timer
S1666992264.151370,VS0,VE116
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
script-src 'self' 'unsafe-inline' 'unsafe-eval' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel-player-staging.vimeows.com https://fresnel-event-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app/ https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://devcaptions.cloud.vimeo.com/; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; font-src https://edge-assets.wirewax.com https://player.vimeo.com https://fonts.gstatic.com; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com https://f.vimeocdn.com; frame-src 'self' https://*; report-uri /_csp
expires
Fri, 28 Oct 2022 21:32:05 GMT
link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
p3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
strict-transport-security
max-age=31536000; includeSubDomains; preload
via
1.1 varnish, 1.1 varnish
x-backend-proxy
playproxy1
x-bapp-server
player-8755c65b6-rhwj5
x-content-type-options
nosniff
x-host
player-8755c65b6-rhwj5
x-varnish-cache
1
x-vserver
playproxy-rollout-prod-varnish-0
x-xss-protection
1; mode=block
get-client-branding.php
app.stonewoodfinancial.com/scripts/proposals/rmd/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://app.stonewoodfinancial.com/scripts/proposals/rmd/get-client-branding.php
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/js/chunk-vendors.96ce5dcd.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.18.201.9 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-18-201-9.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
741c8914ba6a7f9e734f9d302d3791b7f421f076c693373b212df12ebb508ade

Request headers

Accept
application/json, text/plain, */*
Referer
https://retirementtaxbill.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 28 Oct 2022 21:24:24 GMT
Content-Encoding
gzip
Server
nginx/1.10.3 (Ubuntu)
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
herobg.dffb2ad5.png
retirementtaxbill.com/img/ 		1018 KB
1018 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://retirementtaxbill.com/img/herobg.dffb2ad5.png
Requested by
Host: retirementtaxbill.com
URL: https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
3.142.201.129 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-142-201-129.us-east-2.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
70488ef7f38058eb3bfcea7f96eb12183f864af75393c7d6d643a96122841832

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/?u=WkR3dWV0d0FsS3lqdGdsQUhKVS96dz09
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 21:24:24 GMT
Last-Modified
Wed, 01 Dec 2021 19:01:55 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"61a7c6a3-fe895"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1042581
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://retirementtaxbill.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:50:34 GMT
x-content-type-options
nosniff
age
354830
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 18:50:34 GMT
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@5.x/fonts/ 		318 KB
318 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@5.x/fonts/materialdesignicons-webfont.woff2?v=5.9.55
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@5.x/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@5.x/css/materialdesignicons.min.css
Origin
https://retirementtaxbill.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 21:24:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
38466
x-jsd-version
5.9.55
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
325244
x-served-by
cache-fra19129-FRA
x-jsd-version-type
version
server
cloudflare
etag
W/"4f67c-W8lIr//mYzY5FU4CS/BHzz74EyY"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7616bcf30d059a09-FRA
player.module.js
f.vimeocdn.com/p/4.11.11/js/ Frame 3528 		455 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.11.11/js/player.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ad704c627aa100e5ebaa79378897a5b2e4c7621ed68661128471fc1289e3ac39

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000126-IAD, cache-hhn4024-HHN
date
Fri, 28 Oct 2022 21:24:24 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
368219
x-timer
S1666992264.493573,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
108320
x-cache-hits
15, 75679
vendor.module.js
f.vimeocdn.com/p/4.11.11/js/ Frame 3528 		471 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fd0d282d40334b40d702f4ae6c2f98c3edc40c0be9eec78688aad6d06aea5082

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kcgs7200171-IAD, cache-hhn4024-HHN
date
Fri, 28 Oct 2022 21:24:24 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
368219
x-timer
S1666992264.493539,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
116484
x-cache-hits
19, 131899
player.css
f.vimeocdn.com/p/4.11.11/css/ Frame 3528 		205 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.11.11/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
96a380786ad6cbf73028a0bfc7ac24d210cb66c03a4d1dc5766868fbbd402e60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100084-IAD, cache-hhn4066-HHN
date
Fri, 28 Oct 2022 21:24:24 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
368224
x-timer
S1666992264.450665,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
20368
x-cache-hits
3, 166433
1267024218-2ac8e4c045d47e5c86ea88273781c347db659431c6fedfd25.jpg
i.vimeocdn.com/video/ Frame 3528 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1267024218-2ac8e4c045d47e5c86ea88273781c347db659431c6fedfd25.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d13fac40c4bb06da618de1f0f46b5b86021ba4d54460be27ca980704027df32b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 21:24:24 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
292969
x-viewmaster-lossless-format
lossy
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1779
viewmaster-server
viewmaster-us-central1-1tlg
x-served-by
cache-dfw-kdfw8210114-DFW, cache-hhn4063-HHN
x-timer
S1666992264.491560,VS0,VE7
etag
9f41e5ba9f344ec3ba0de81a255ec873
access-control-max-age
86400
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
270, 1
player.de-DE.module.js
f.vimeocdn.com/p/4.11.11/js/ Frame 3528 		457 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.11.11/js/player.de-DE.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f0bd9fb2c05f860608c1547413c267f4092a3090ab4c7d1485c60ca3235c35d

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000164-IAD, cache-hhn4024-HHN
date
Fri, 28 Oct 2022 21:24:24 GMT
content-encoding
br
via
1.1 varnish, 1.1 varnish
age
368191
x-timer
S1666992264.493514,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
109728
x-cache-hits
2, 51021
1663162732_67f41f7b-a154-4721-ae14-cdda144518e5.png
s3.amazonaws.com/stonewood-app/company-logos/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/stonewood-app/company-logos/1663162732_67f41f7b-a154-4721-ae14-cdda144518e5.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4cb734fac5ba6dc4badfd9ed743121771a31126a77d4f8f6c41fa38bd9a687a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 21:24:25 GMT
Last-Modified
Wed, 14 Sep 2022 13:38:54 GMT
Server
AmazonS3
x-amz-request-id
JVQR8JD4VYNVSEFT
ETag
"7accf441ffaba92feba4d8de0a8f832d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
16021
x-amz-id-2
LCUSMOMJCv1z49V7OZDSuW3YsM3PavddKsveOhssG52Uf0e1VCuWC/c+M0zVEaHHyiEnfFul6VE=
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 3528 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by
cache-iad-kiad7000106-IAD, cache-hhn4066-HHN
date
Fri, 28 Oct 2022 21:24:24 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
792425
x-timer
S1666992265.899387,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT, HIT
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
997
x-cache-hits
52304, 128006
player-test-impression
fresnel.vimeocdn.com/add/ Frame 3528 		0
40 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Fri, 28 Oct 2022 21:24:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
1267024218-2ac8e4c045d47e5c86ea88273781c347db659431c6fedfd25
i.vimeocdn.com/video/ Frame 3528 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1267024218-2ac8e4c045d47e5c86ea88273781c347db659431c6fedfd25?mw=600&mh=338
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f316785b9c326175f432d837e928f07abfa835407a48a291946f236d439a6eda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date
Fri, 28 Oct 2022 21:24:24 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
795179
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
18934
viewmaster-server
viewmaster-us-central1-377k
x-served-by
cache-dfw-kdfw8210071-DFW, cache-hhn4063-HHN
x-timer
S1666992265.688194,VS0,VE1
etag
82e6dd731897c0a343f5595bcab11f67
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
24, 1
player-stats
fresnel.vimeocdn.com/add/ Frame 3528 		0
142 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=488338ee5969f189507c4a9ee7de3213559cf5331666992264
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.11.11/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Fri, 28 Oct 2022 21:24:24 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vuid
vimeo.com/ablincoln/ Frame 3528 		0
901 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=488338ee5969f189507c4a9ee7de3213559cf5331666992264
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

expires
Fri, 28 Oct 2022 09:24:25 GMT
Date
Fri, 28 Oct 2022 21:24:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Via
1.1 varnish, 1.1 varnish
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kcgs7200064-IAD, cache-fra-eddf8230033-FRA
x-ua-compatible
IE=edge
x-vimeo-device
d
Server
cloudflare
X-Timer
S1666992265.004170,VS0,VE135
x-backend-proxy
webproxy2
x-frame-options
sameorigin
Vary
User-Agent
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-fbc4f56c6-j5ccb
Accept-Ranges
bytes
CF-RAY
7616bcf81ea890b8-FRA
X-Cache-Hits
0, 0
1663162732_67f41f7b-a154-4721-ae14-cdda144518e5.png
s3.amazonaws.com/stonewood-app/company-logos/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/stonewood-app/company-logos/1663162732_67f41f7b-a154-4721-ae14-cdda144518e5.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.142.176 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4cb734fac5ba6dc4badfd9ed743121771a31126a77d4f8f6c41fa38bd9a687a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://retirementtaxbill.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date
Fri, 28 Oct 2022 21:24:26 GMT
Last-Modified
Wed, 14 Sep 2022 13:38:54 GMT
Server
AmazonS3
x-amz-request-id
WSKA122KK9921RSA
ETag
"7accf441ffaba92feba4d8de0a8f832d"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
16021
x-amz-id-2
+NvrgjIlYb5Y0I1DBzd0tStuPycNEq1faph+J32Yy9M1do+BYHUNwrnEkfxssGaZx2uGD76MvfE=

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackJsonp function| jQuery function| $

2 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: __cf_bm
Value: jHOBIegV9eEiYNww3U7kojcwAMNS1ZhZb7SmJ8utg6I-1666992264-0-AQRetHiTIGCk77te2hCQKheneegc2Xpkr9tH/B4hq4d0gi6M8Ui2MsLEkNCxUR7d/StLGL+uNNkq1F87FOdf6xc=
.vimeo.com/ Name: vuid
Value: pl392244194.20552615

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.stonewoodfinancial.com
cdn.jsdelivr.net
email.mg.lirplan.com
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
player.vimeo.com
retirementtaxbill.com
s3.amazonaws.com
vimeo.com
151.101.114.109
162.159.128.61
162.159.138.60
2606:4700::6810:5614
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200a
3.142.201.129
3.18.201.9
34.120.202.204
34.127.83.42
52.217.142.176
25038265e790e4ee17e16018c71e3a315baa5975b36afefe5249f8310f6aa749
4cb734fac5ba6dc4badfd9ed743121771a31126a77d4f8f6c41fa38bd9a687a5
4f0bd9fb2c05f860608c1547413c267f4092a3090ab4c7d1485c60ca3235c35d
5bfa64d87243615141ec56f1b2b7ec1e14794b3b2d2602a41c9dd84aafe2c91f
70488ef7f38058eb3bfcea7f96eb12183f864af75393c7d6d643a96122841832
741c8914ba6a7f9e734f9d302d3791b7f421f076c693373b212df12ebb508ade
7a0cd3cd0eeafb8984f6844eee6a9ae2d2a5f37af46167e56d6be4267d9066a3
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
96a380786ad6cbf73028a0bfc7ac24d210cb66c03a4d1dc5766868fbbd402e60
9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb
9db6c9be78eb6e21cc3c1e6669764a6e018d35be7f540ea525bee3144c0f8f31
ad704c627aa100e5ebaa79378897a5b2e4c7621ed68661128471fc1289e3ac39
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c1b29262ce3a043874204e7b17b0537cb9b5d0b6ca57abb2a4e9a23f2591ecad
d13fac40c4bb06da618de1f0f46b5b86021ba4d54460be27ca980704027df32b
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
de8172e5c23434d2b711129265edcd09a184499f9437f2ce8823e88326b9b00c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66dff35c8b8d2f1b5814524159b73a4fe6e4934d4f55017eb0d29262188c95a
f316785b9c326175f432d837e928f07abfa835407a48a291946f236d439a6eda
fd0d282d40334b40d702f4ae6c2f98c3edc40c0be9eec78688aad6d06aea5082