freedomtaxrefund.com Open in urlscan Pro
34.83.38.241 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.freedomtaxrefund.com/
Effective URL:
https://freedomtaxrefund.com/
Submission: On February 16 via automatic, source certstream-suspicious (February 16th 2022, 1:46:29 am UTC) — Scanned from DE

Summary HTTP 69 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 69 HTTP transactions. The main IP is 34.83.38.241, located in The Dalles, United States and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is freedomtaxrefund.com.
TLS certificate: Issued by R3 on February 16th 2022. Valid for: 3 months.

This is the only time freedomtaxrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 16	34.83.38.241 34.83.38.241	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a06:98c1:312... 2a06:98c1:3121::f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	23.96.4.241 23.96.4.241	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400e:801::2004	15169 (GOOGLE) (GOOGLE)
20	2620:1ec:46::44 2620:1ec:46::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
11	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400e:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:801::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:810::2003	15169 (GOOGLE) (GOOGLE)
69	13

16 34.83.38.241 (The Dalles, United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 241.38.83.34.bc.googleusercontent.com

www.freedomtaxrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
freedomtaxrefund.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cardsetter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3121::f (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.96.4.241 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.cognitoforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:801::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2620:1ec:46::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

static.cognitoforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:801::2003 (Ireland)

ASN15169 (GOOGLE, US)

maps.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	cognitoforms.com www.cognitoforms.com — Cisco Umbrella Rank: 46943 static.cognitoforms.com — Cisco Umbrella Rank: 104575	272 KB
15	freedomtaxrefund.com 1 redirects www.freedomtaxrefund.com freedomtaxrefund.com	614 KB
14	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 250 maps.googleapis.com — Cisco Umbrella Rank: 349 fonts.googleapis.com — Cisco Umbrella Rank: 35	245 KB
5	gstatic.com maps.gstatic.com fonts.gstatic.com	98 KB
4	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 1582 ka-f.fontawesome.com — Cisco Umbrella Rank: 2933	23 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	11 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cardsetter.com cardsetter.com	4 KB
69	8

	Domain	Requested by
20	static.cognitoforms.com	www.cognitoforms.com
14	freedomtaxrefund.com	freedomtaxrefund.com
11	maps.googleapis.com	www.google.com maps.googleapis.com
7	www.cognitoforms.com	freedomtaxrefund.com www.cognitoforms.com static.cognitoforms.com
3	maps.gstatic.com	www.google.com freedomtaxrefund.com
3	cdnjs.cloudflare.com	freedomtaxrefund.com
3	ka-f.fontawesome.com	kit.fontawesome.com
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	www.cognitoforms.com static.cognitoforms.com
1	www.google.com	freedomtaxrefund.com
1	cardsetter.com	freedomtaxrefund.com
1	kit.fontawesome.com	freedomtaxrefund.com
1	ajax.googleapis.com	freedomtaxrefund.com
1	www.freedomtaxrefund.com	1 redirects
69	14

This site contains links to these domains. Also see Links.

Domain
goo.gl
cardsetter.com

Subject Issuer	Validity	Valid
freedomtaxrefund.com R3	`2022-02-16` - `2022-05-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-07` - `2022-05-02`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-12` - `2022-09-11`	a year	crt.sh
*.cognitoforms.com Go Daddy Secure Certificate Authority - G2	`2020-06-13` - `2022-08-29`	2 years	crt.sh
cardsetter.com R3	`2022-02-09` - `2022-05-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://freedomtaxrefund.com/
Frame ID: 59E9EE2E6AEBBAE419443186E813458F
Requests: 24 HTTP requests in this frame

Frame: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
Frame ID: 11ADE1E18EC7B6FDF3D490AC1EB4579B
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3580.5220617313985!2d-80.20610998497041!3d26.179690483448848!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88d9041dfa7ac065%3A0x244727f348d4b6eb!2s4397%20N%20State%20Rd%207%2C%20Lauderdale%20Lakes%2C%20FL%2033319%2C%20USA!5e0!3m2!1sen!2srs!4v1644685958635!5m2!1sen!2srs
Frame ID: 30B8BC9C748CE5B8608D16B0D57E876F
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Freedom Tax Services

Page URL History Show full URLs

https://www.freedomtaxrefund.com/ HTTP 301
https://freedomtaxrefund.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

14
Subdomains

13
IPs

3
Countries

1269 kB
Transfer

3900 kB
Size

2
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://goo.gl/maps/ovQzywTrG1JYSxmx8
Title: 4397 N. State Rd. 7, Lauderdale Lakes, FL 33319

Search URL Search Domain Scan URL

URL: https://cardsetter.com/
Title: Powered By Cardsetter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.freedomtaxrefund.com/ HTTP 301
https://freedomtaxrefund.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
freedomtaxrefund.com/
Redirect Chain

https://www.freedomtaxrefund.com/
https://freedomtaxrefund.com/

128 KB
20 KB

474ms
142ms

Document
text/html

34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

59283f95a847220905eb3934b86da7c752a4b1f7581852876189cd9cedf5174a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.15.10
date: Wed, 16 Feb 2022 01:46:22 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
cache-control: public, s-maxage=3600
etag: W/"20180-kdAxqDN4Iqgz06VA2viH7E7pxVk"
age: 43
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip

Redirect headers

server: nginx/1.15.10
date: Wed, 16 Feb 2022 01:46:21 GMT
content-type: text/html
content-length: 170
location: https://freedomtaxrefund.com

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 46ms
14ms Script
text/javascript 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 13:25:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 130865
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 Feb 2023 13:25:17 GMT

GET
H2 200 4678887713.js Show response
kit.fontawesome.com/ 11 KB
4 KB 72ms
28ms Script
text/javascript 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/4678887713.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36cee952a1cc4af1b3784e5f52731e544f323e198f32248ce18947ac80d27920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://freedomtaxrefund.com/
Origin: https://freedomtaxrefund.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: HIT
age: 2
strict-transport-security: max-age=31536000; preload
x-request-id: FtQg8Fy6M2cIE8mLXvBB
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 6de31a126bab83b4-MXP
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 131ms
27ms Fetch
text/css 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=4678887713
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4678887713.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
via: 1.1 82a476a12dec0fbc7a41b159bd76cf6a.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M8CJKSE%2F7ZOr3YOtm1OQ9HD75sKmEnYj7okbWNpjnbowXPpTP7wFg2E%2FTS9O3YJyCTjQp%2Bd45eH%2BVHGURi5xzPmc9tvjfrzdu%2FDLt%2FpvGygMkhvryjkIFVDzPiTH1wuUvOKoJF91QXpjj9FawLpNASqLQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP63-P1
cf-ray: 6de31a133bb90dfe-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: Q-VQ2LEwLvEX19nwlN4UxkLgovWRouAlprwrTKrrb7p46T0Z6krbiw==

GET
H2 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
4 KB 132ms
27ms Fetch
text/css 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=4678887713
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4678887713.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
via: 1.1 d2efc2528c9d37ec19b94a3d8dc21422.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vo3rsCUPKcteMxXF4iCE2zJVM8quS2Md7BOonm3HRl1sGGfkArnAZH%2FZryTCeSJWgq4GfBKa6o4gKi317dlkq6tpvr7wXyYPrfldLNDlqxvON%2FnXvdLzad%2Fg7d3FYhxd96voAezAsvNBp8zYf%2Fec9YVTXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP63-P1
cf-ray: 6de31a133bba0dfe-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: PaGbH_81ELs_NbYyRlx6XTLR7QX-BIvKaM7H73BMpcLNJsnQx6U-zA==

GET
H2 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
2 KB 130ms
26ms Fetch
text/css 2a06:98c1:3121::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=4678887713
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4678887713.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
via: 1.1 018d49139552bac4221d8e525a1600be.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2
x-cache: Hit from cloudfront
access-control-allow-methods: GET
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z34BJjw3KNHNDCEiueBhFKk7AiESvaVe31Tf4jj1paGUSKnNXJdkqfbP0mvtTBS0n%2BB6Q6NUO23A6BvZCAG2OOL5CT7SRbkPNoOo8PnpP79bbea7je9VWMWhMy1OptqucedhytnFm3kn%2BUCLOzeP1%2FnT1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
x-amz-cf-pop: MXP63-P1
cf-ray: 6de31a133bbb0dfe-MXP
access-control-allow-headers: fa-kit-token
x-amz-cf-id: nLqRt4ZV2j-qebd9woJEnCNzLSjm0omYx2n5NPMt7VGPavthe28jAQ==

GET
H2 200 drawer.min.css
cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/css/ 7 KB
2 KB 80ms
24ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/css/drawer.min.css

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0828d30d904cdb14a90cff420541165a1eb0567dee4300186565f367018fd06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 84671
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1246
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3e-1ac9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FDdOtALkf4JMx%2BmAU%2FVojcHNWA054hO8Nv0oLLVwugebR4T29xJ5DwqIqcOcu0S%2B87kOqp3hI%2B4jgR5eYLzBQI8%2B6Lk0xP2qaEXY48e4fCpVY1%2FQceLlJYcj1yYnBYddru9qdxnaylYub%2BKfIULwu6C"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de31a133fcd83a6-MXP
expires: Mon, 06 Feb 2023 01:46:22 GMT

GET
H2 200 iscroll.min.js Show response
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ 32 KB
8 KB 78ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 8845472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7559
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:10 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e9e-80dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c5wPlSegH5%2B8mIMcHZSHqgpkYPZdmJ%2Bf8LwkXtlqmpzFznlQCTXKu4APA9elIWIMt5%2Bfd%2B8om5GMpK8eoexYXMJe2ZZ2XrqSvklDM2Su89UnZLOEctXWQwOHyBQlDVZER2mzSP8fVFxSydjrxMs8%2BwUs"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de31a133fd083a6-MXP
expires: Mon, 06 Feb 2023 01:46:22 GMT

GET
H2 200 drawer.min.js Show response
cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/js/ 3 KB
1 KB 80ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/js/drawer.min.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96b79230a7166f85e822caf6ebc7f0481a83c98099e1004c5b9b9aba3c4743c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 542143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 883
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e3e-b36"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fXRi075XY%2F2lo185h%2BcDB2o3HbUCGkQHOoYW%2BFhKMpSUlN0zi6WZjbr8FE4F79qQeRC2AxaFtTJZjb%2Ba%2FJxJOjA05mdQoYeDq1W330ByQtVmZxwthdgKL1RoHNASKrUiaL334EHEu2JITcxIcHMa7LPt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6de31a133fd283a6-MXP
expires: Mon, 06 Feb 2023 01:46:22 GMT

GET
H2 200 logo.jpg
freedomtaxrefund.com/images/img_W4CD55GVrCoL1X2jSqjMLr/ 10 KB
11 KB 144ms
143ms Image
image/webp 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomtaxrefund.com/images/img_W4CD55GVrCoL1X2jSqjMLr/logo.jpg

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

bf85f082ac0307f67e36e703a07cd187c3081bbb396f42c4c6a3470cdc9fae80

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
server: nginx/1.15.10
age: 43
etag: "1a755ab78ccfac466bd6f5bacdae1d3916984e90"
vary: x-accept-webp
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 10612

GET
H2 200 iframe.js Show response
www.cognitoforms.com/f/ 63 KB
26 KB 296ms
105ms Script
application/javascript 23.96.4.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/f/iframe.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

529c90edaa72f59d520b28990d2c221b4b75d2c27560213a8518d7669ae32a6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; img-src data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
vary: Accept-Encoding
content-length: 26101
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time: 2022-02-16T01:46:22.773Z
referrer-policy: origin-when-cross-origin
server: Microsoft-IIS/10.0
date: Wed, 16 Feb 2022 01:46:22 GMT
x-role-instance: Cognito.Services_IN_29
content-type: application/javascript
pragma: no-cache
access-control-expose-headers: X-SessionToken,X-Server-Time
cache-control: no-cache, no-store, must-revalidate
x-request-time: 3ms
content-security-policy: default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
expires: -1

GET
H2 200 logo
cardsetter.com/images/img_ER9LaDJ3Gv9pq8yW5AvhKT/ 3 KB
4 KB 446ms
151ms Image
image/webp 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cardsetter.com/images/img_ER9LaDJ3Gv9pq8yW5AvhKT/logo?fit=inside&h=60&w=300

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

23173c3ea07b31e220006cf4684515fe0d7b5e5b8dc23a10b388567eb9eafdc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
server: nginx/1.15.10
age: 1482
etag: "8ba0f4b3b844e288752ec56e37b428623b5d2710"
vary: x-accept-webp
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 3576

GET
H2 200 9f3cdc24fe876b354539.js Show response
freedomtaxrefund.com/assets/ 223 KB
57 KB 144ms
143ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/9f3cdc24fe876b354539.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

9473375ad87ce6b6a0ffcf10091df24b56b0492ac233b5d106716f4a728ec71c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"37a89-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 62cc9d22535e90beca84.js Show response
freedomtaxrefund.com/assets/ 235 KB
63 KB 290ms
288ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/62cc9d22535e90beca84.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

8d83b16e8e509c614fedea4b882cf8d045e4f195506a5184258b68bae8693069

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"3ad98-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 339caa491dc90a74b2b0.js Show response
freedomtaxrefund.com/assets/ 197 KB
60 KB 432ms
431ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/339caa491dc90a74b2b0.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

1a0ba9ad4fee38586304bea3273545f7692a214ff2a3742f515b0c17de7c12b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"315d7-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 180cec1772a8dd8a8c92.js Show response
freedomtaxrefund.com/assets/ 200 KB
61 KB 439ms
438ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/180cec1772a8dd8a8c92.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

52d5d24d30ef6cd9ffe67b7830bc6a58028142044a7e9e584e4bd685b908e0d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"32063-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 94ce9e96e75cba26f0f5.js Show response
freedomtaxrefund.com/assets/ 80 KB
23 KB 578ms
577ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/94ce9e96e75cba26f0f5.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

32c1cf52bfba378e0488557e63a71e251bd2ca5519fe73665d483d6f0f19584a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"141eb-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 2234b1c205e1caa542d0.js Show response
freedomtaxrefund.com/assets/ 226 KB
69 KB 571ms
571ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/2234b1c205e1caa542d0.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

69a2532196c3fa6b003bab159a9af83a56fec3e189a450c3eb9c4b1122a3bd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"387a7-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 46f110be6a2ad0085cbb.js Show response
freedomtaxrefund.com/assets/ 105 KB
33 KB 580ms
579ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/46f110be6a2ad0085cbb.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

a5490df5af20a737d00e6020ad9801673b3b43a9da5905ca0f84ad71ec0b1173

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"1a3a2-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 88e54110b2faeb16b49f.js Show response
freedomtaxrefund.com/assets/ 209 KB
49 KB 587ms
587ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/88e54110b2faeb16b49f.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

58d1bb2f4f1e5a6ed723c936429b37a10c1ab9faa7bdfc8795caa09e61ae730f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"3459f-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 6226c1d6ccf5967e03a4.js Show response
freedomtaxrefund.com/assets/ 44 KB
15 KB 591ms
590ms Script
application/javascript 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://freedomtaxrefund.com/assets/6226c1d6ccf5967e03a4.js

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

2107a3465e87623f98f69f02f7e5bd66b67268784ee211090f7502774ad0085d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 00:19:41 GMT
server: nginx/1.15.10
age: 43
etag: W/"ae00-17ca037c148"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains

GET
H2 200 istockphoto-1173998443-2048x2048-cropped.jpg
freedomtaxrefund.com/images/img_Bxq92E7EhpGZts4An4Dq9F/ 130 KB
130 KB 484ms
483ms Image
image/webp 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomtaxrefund.com/images/img_Bxq92E7EhpGZts4An4Dq9F/istockphoto-1173998443-2048x2048-cropped.jpg?fit=outside&w=1600

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

b810cb33011deed26409b4712ba37631f155248959015d6e41f40e7c7d2f3c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
server: nginx/1.15.10
age: 43
etag: "8848f882f8fa82d7683786b2f600acee514d7bfe"
vary: x-accept-webp
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 132800

GET
H2 200 omar-lopez-gx5-zf_he9w-unsplash.jpg
freedomtaxrefund.com/images/img_PQhGQfyMHx7difxBzJ1MLE/ 10 KB
11 KB 567ms
566ms Image
image/webp 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomtaxrefund.com/images/img_PQhGQfyMHx7difxBzJ1MLE/omar-lopez-gx5-zf_he9w-unsplash.jpg?h=200&w=300&fit=cover&dpr=1

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

eee5ebb47afff7b721c9a558a3521342370e4466ba4bd01357364672ae384681

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
server: nginx/1.15.10
age: 43
etag: "cb9838938d4e1b1e8dddcd4acabbde987c6e7b83"
vary: x-accept-webp
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 10694

GET
H2 200 jimmy-dean-nd1ahlohbi0-unsplash.jpg
freedomtaxrefund.com/images/img_LxFRasn941YoXFD8nmAFEP/ 11 KB
12 KB 567ms
567ms Image
image/webp 34.83.38.241
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://freedomtaxrefund.com/images/img_LxFRasn941YoXFD8nmAFEP/jimmy-dean-nd1ahlohbi0-unsplash.jpg?h=200&w=300&fit=cover&dpr=1

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

241.38.83.34.bc.googleusercontent.com

Software

nginx/1.15.10 /

Resource Hash

f8d6c91271d85f726d1ebd434e4fa3af40d9db3ef79ff334ad5cb1e291231b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:22 GMT
server: nginx/1.15.10
age: 43
etag: "c81cacb9f61e5f1de7f6c0f4c71bff5cc7f25d23"
vary: x-accept-webp
content-type: image/webp
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security: max-age=15724800; includeSubDomains
accept-ranges: bytes
content-length: 11524

GET
H2 200 1 Show response
www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/ Frame 11AD 597 B
579 B 231ms
197ms Document
text/html 23.96.4.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

38cd770dbbb79722083eac0846f9d4776b7f2ac51c0fb498137aead03050b196

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; img-src data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
server: Microsoft-IIS/10.0
strict-transport-security: max-age=35136000; includeSubDomains
access-control-allow-origin: *
x-server-time: 2022-02-16T01:46:22.773Z
access-control-expose-headers: X-SessionToken,X-Server-Time
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
x-role-instance: Cognito.Services_IN_29
x-request-time: 32ms
content-security-policy: default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
date: Wed, 16 Feb 2022 01:46:22 GMT
content-length: 503

GET
H2 200 embed Show response
www.google.com/maps/ Frame 30B8 2 KB
1 KB 217ms
179ms Document
text/html 2a00:1450:400e:801::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3580.5220617313985!2d-80.20610998497041!3d26.179690483448848!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88d9041dfa7ac065%3A0x244727f348d4b6eb!2s4397%20N%20State%20Rd%207%2C%20Lauderdale%20Lakes%2C%20FL%2033319%2C%20USA!5e0!3m2!1sen!2srs!4v1644685958635!5m2!1sen!2srs

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

0945d33638716c912061eada03b6728110b77b2de1937dd3e1b07251a1ef3815

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-3PYzO/3Uojyx4UATey/tew==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://freedomtaxrefund.com/

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 16 Feb 2022 01:46:23 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
vary: Accept-Language
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3PYzO/3Uojyx4UATey/tew==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding: gzip
server: mafe
content-length: 978
x-xss-protection: 0
server-timing: gfet4t7; dur=161
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 AutotestDetect.js Show response
www.cognitoforms.com/Scripts/testing/ Frame 11AD 5 KB
2 KB 93ms
91ms Script
application/javascript 23.96.4.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/Scripts/testing/AutotestDetect.js

Requested by

Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

1ca4c29158f1f930b2cf696a87f1a5c6e242efb401e6cec78e0986a7f732c55c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; img-src data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
vary: Accept-Encoding
content-length: 1528
etag: "070b3ea1719d81:0"
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time: 2022-02-16T01:24:13.317Z
referrer-policy: origin-when-cross-origin
last-modified: Thu, 03 Feb 2022 16:05:52 GMT
server: Microsoft-IIS/10.0
date: Wed, 16 Feb 2022 01:46:22 GMT
x-role-instance: Cognito.Services_IN_29
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: X-SessionToken,X-Server-Time
x-request-time: 0ms
content-security-policy: default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
accept-ranges: bytes

GET
H2 200 seamless.js Show response
www.cognitoforms.com/f/ Frame 11AD 105 KB
36 KB 101ms
100ms Script
application/javascript 23.96.4.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/f/seamless.js

Requested by

Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

2f92407137772390642807181f66682460324b65bc718eff81238dbef9eda495

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://; img-src data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security	max-age=35136000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: *
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
vary: Accept-Encoding
content-length: 36957
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time: 2022-02-16T01:46:23.027Z
referrer-policy: origin-when-cross-origin
server: Microsoft-IIS/10.0
date: Wed, 16 Feb 2022 01:46:22 GMT
x-role-instance: Cognito.Services_IN_29
content-type: application/javascript
pragma: no-cache
access-control-expose-headers: X-SessionToken,X-Server-Time
cache-control: no-cache, no-store, must-revalidate
x-request-time: 1ms
content-security-policy: default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
expires: -1

GET
H2 200 140.3c681a345e85b5f63175.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 121 KB
28 KB 46ms
10ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/140.3c681a345e85b5f63175.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 987296189f8b1a81e92753d3b1e6ead067e68b362ce5315ac6af4ecc18ca9272

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-azure-ref-originshield: 0w44FYgAAAABBX4D+IA+iRYYM0T0f/5ISQU1TMDRFREdFMTkxMAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: 08JMENynP9Qh3WUTvLGkXQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA175FF2
x-azure-ref: 0b1cMYgAAAACf5jFhNtEKQq4925XwJvz0RlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: d9d25e03-201e-0034-13a7-1e9ff5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 155.3580cde700686dd9f081.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 38 KB
7 KB 52ms
16ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/155.3580cde700686dd9f081.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b245b27f8ac2e960c979c5d82925c30e217524874881eac4675452849e5a435b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-azure-ref-originshield: 0mh8GYgAAAABzeFmBlNLzTrFBwWUHe2STQU1TMDRFREdFMTgxNQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: 9AtW8JTUttfTtkbAdxc/eQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA251FA6
x-azure-ref: 0b1cMYgAAAAD1c3XU8VlVTotTs9J4+SkWRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 760cee43-e01e-003b-0a97-1ee999000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 154.8ce2b59188d13b55a652.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 92 KB
32 KB 53ms
18ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/154.8ce2b59188d13b55a652.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 83c0510a92f130a0d189183d4e148c2ba37b08265f75fff578300b12fca7a5a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-azure-ref-originshield: 0RPAFYgAAAADre7Yw6+u8RJsxO2+qW/+4QU1TMDRFREdFMTkxMgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: TagjAQ02vT2/u78Q9+0cOA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA248417
x-azure-ref: 0b1cMYgAAAACi3Dc7Wk19QI4Lo3c1xGbVRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: f7306364-101e-003f-7f82-1d649e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 153.9ca58454003a22b55cfe.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 207 KB
57 KB 59ms
24ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/153.9ca58454003a22b55cfe.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e03cdc1caac9c533c272d90d66283fc3a9302e0a44df542188821f3cdcab326f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-azure-ref-originshield: 0ax8GYgAAAADUcB8/nbAjTbRBVTMkHhusQU1TMDRFREdFMTkxMgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: kefB1eWmInrxNshNnhfoJQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA243652
x-azure-ref: 0b1cMYgAAAACfJwvTo5vRTJCBu5XdWFznRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1c8ad5df-601e-0047-2f42-1dc766000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 139.04a149bf95a7b3a136e8.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 188 KB
39 KB 64ms
29ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/139.04a149bf95a7b3a136e8.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 48e413a76487cba709bc886dc65101fa4540e9fd7706d2df3aee616ce44b7dce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:22 GMT
content-encoding: br
x-azure-ref-originshield: 0IhEGYgAAAABGu8R+B5liQLisBJg9CqO0QU1TMDRFREdFMTgxNQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: uV2Ssz/9JhRJSxNAFfD99w==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA169D7C
x-azure-ref: 0b1cMYgAAAADOPfzoPN5GSpa7r6E89ptJRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bec81475-f01e-0008-6a5d-1db632000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
DATA 200
OK truncated
/ Frame 11AD 497 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame 30B8 164 KB
54 KB 115ms
7ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Requested by

Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3580.5220617313985!2d-80.20610998497041!3d26.179690483448848!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88d9041dfa7ac065%3A0x244727f348d4b6eb!2s4397%20N%20State%20Rd%207%2C%20Lauderdale%20Lakes%2C%20FL%2033319%2C%20USA!5e0!3m2!1sen!2srs!4v1644685958635!5m2!1sen!2srs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c647453a432159332ad3cb5df3c7e122b0e1c03ddcc420a0e2aca1d5d53d0fde

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:42:01 GMT
content-encoding: gzip
server: mafe
age: 262
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=10
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54586
x-xss-protection: 0
expires: Wed, 16 Feb 2022 02:12:01 GMT

GET
H2 200 1 Show response
www.cognitoforms.com/svc/load-form/form-def/Tvg7jDdv30WqXFGuvk-qBQ/ Frame 11AD 18 KB
6 KB 178ms
178ms Script
application/javascript 23.96.4.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/form-def/Tvg7jDdv30WqXFGuvk-qBQ/1

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/139.04a149bf95a7b3a136e8.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

50e19d50d6bbabc48ee863b9904a7d61ed31813259e4f60d2a5d449235c77f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length: 6419
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time: 2022-02-16T01:46:23.490Z
server: Microsoft-IIS/10.0
date: Wed, 16 Feb 2022 01:46:23 GMT
x-role-instance: Cognito.Services_IN_29
content-type: application/javascript; charset=utf-8
pragma: no-cache
access-control-expose-headers: X-SessionToken,X-Server-Time
cache-control: no-cache, no-store, must-revalidate
x-request-time: 80ms
expires: -1

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame 30B8 3 B
46 B 30ms
16ms XHR
application/json 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.google.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 init_embed.js Show response
maps.gstatic.com/maps-api-v3/embed/js/47/7a/ Frame 30B8 220 KB
65 KB 42ms
13ms Script
text/javascript 2a00:1450:400e:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.gstatic.com/maps-api-v3/embed/js/47/7a/init_embed.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

347ba305e0271a63c6194c4491c697c062b49313aaa5e1ee6119fcbaad653e70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sat, 12 Feb 2022 19:16:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65681
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:22:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Feb 2023 19:16:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 11AD 4 KB
1 KB 50ms
21ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Requested by

Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/form-def/Tvg7jDdv30WqXFGuvk-qBQ/1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

793817390b35bd74ec65da7f2a25f446089ffb34d71576fdb104838a841cfd9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 00:53:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 01:46:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 01:46:23 GMT

GET
H2 200 58.846d31c9f1d1778b7321.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 2 KB
1 KB 8ms
8ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/58.846d31c9f1d1778b7321.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b7fcf1c20c5f23a23d5487b6b6ec1122d00eb5ca22f694af86ccc6aa2b0b3c5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0Mi4GYgAAAAAnsiZERnzRSKfaFWsp4MuaQU1TMDRFREdFMTgyMgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: YL6i5uucYHFsNBoc691SqQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA463E0C
x-azure-ref: 0b1cMYgAAAAAMSmOTs5J9R7PPYZQtOyqyRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 171ba8e7-001e-006e-1c62-1df912000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 29.54cc00bea07c4649ecb2.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 15 KB
5 KB 9ms
8ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/29.54cc00bea07c4649ecb2.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 35d4c53d144317aa45cb2ba8b17adeb73cdbb1a2ddbb8cfd9020b80a88d30197

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0yI4FYgAAAABsp/cy/fjwQbCWgdXS+l8+QU1TMDRFREdFMTkxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: LSkNmbJAG1NZ7EU+TM2BCA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA30AB6D
x-azure-ref: 0b1cMYgAAAACysGqUqsoURbPlQR6/9nXMRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 026cf298-901e-0031-2335-1d4d2e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 30B8 77 KB
28 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

098695ed055199f9a99f3f7689cc444871533b9227764b0193025fdc6e78ab17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 22:29:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11842
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28806
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 22:29:01 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 30B8 297 KB
91 KB 23ms
9ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da4ce6a7f2dd3eee8d5424c9b9c1ea0e5ccacd5797dbb10375a8a489b9f3c993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 21:22:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92772
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 21:22:28 GMT

GET
H3 200 map.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 30B8 60 KB
22 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/map.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c94927a230b441711db5512dccb43c84fcecce42c1961e9eb91f9fc4dcf99b0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 11:42:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50650
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22781
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 11:42:13 GMT

GET
H3 200 overlay.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 30B8 4 KB
1 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/overlay.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c47f95e9a29b4fcad6992ec3cfa56b9d07e52d1e66673b4b97d52a8895d96676

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 22:43:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97385
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1368
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 22:43:18 GMT

GET
H3 200 google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame 30B8 2 KB
2 KB 34ms
18ms Image
image/png 2a00:1450:400e:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/embed/images/google4.png

Requested by

Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:23 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 16 Feb 2022 01:46:23 GMT

GET
H3 200 onion.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 30B8 25 KB
9 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/onion.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c6f9736cf91966550d126318c461a04f4f0d179161529ebe884e7e234af1c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 14 Feb 2022 17:35:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9475
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Feb 2023 17:35:05 GMT

GET
H3 200 search_impl.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 30B8 2 KB
1 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/7a/search_impl.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d514a054f21f921ef508361726cd32a940e9e2e1ac414edd4391631af58591d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 14:58:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38858
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1260
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 20:23:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Feb 2023 14:58:45 GMT

POST
H2 200 1 Show response
www.cognitoforms.com/svc/load-form/new-session/Tvg7jDdv30WqXFGuvk-qBQ/ Frame 11AD 2 KB
2 KB 139ms
138ms XHR
application/json 23.96.4.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/load-form/new-session/Tvg7jDdv30WqXFGuvk-qBQ/1?embedContext=iframe

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/153.9ca58454003a22b55cfe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

83650a375a2c74ed05d8ee0aa33eb8a298e623eec2afa970382bf0065f9f3451

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
X-Requested-With: XmlHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
vary: Origin
access-control-allow-origin: https://www.cognitoforms.com
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length: 1767
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time: 2022-02-16T01:46:23.709Z
server: Microsoft-IIS/10.0
date: Wed, 16 Feb 2022 01:46:23 GMT
x-role-instance: Cognito.Services_IN_29
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: X-SessionToken,X-Server-Time
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-request-time: 41ms
expires: -1

GET
H3 200 openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 30B8 326 B
350 B 17ms
17ms Image
image/bmp 2a00:1450:400e:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://maps.gstatic.com/mapfiles/openhand_8_8.cur

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 16 Feb 2022 01:46:23 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
last-modified: Tue, 18 May 2021 19:15:00 GMT
server: sffe
report-to: {"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type: image/bmp
access-control-allow-origin: *
cache-control: private, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="geo-tactile"
expires: Wed, 16 Feb 2022 01:46:23 GMT

GET
H3 200 ViewportInfoService.GetViewportInfo Show response
maps.googleapis.com/maps/api/js/ Frame 30B8 35 KB
4 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d26.166026010380442&2d-80.25542008800487&2m2&1d26.19288873412934&2d-80.15230189038812&2u16&4sen&5e0&6sm%40590000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._9ajwf5&client=google-maps-embed&token=121863

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

6d76ea937dcf5533f1fa4a1d930ee8208cb538cc4ff0b1728f657f4c606731b5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=14
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3610
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ Frame 30B8 62 B
84 B 17ms
17ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=113829

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 QuotaService.RecordEvent Show response
maps.googleapis.com/maps/api/js/ Frame 30B8 62 B
83 B 18ms
18ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sow88f5&10e1&callback=_xdc_._3uf14c&client=google-maps-embed&token=41550

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

b288f8084ddfa04718f11624c44a12eb91b87e09654afcb2c9567949c470ad43

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 20.6808ca0f361408e3ac61.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 10 KB
3 KB 9ms
8ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/20.6808ca0f361408e3ac61.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 8a675aa92f8534908d01185a7ca590565615ee4385a88a5b5a789395ee359694

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0UzEGYgAAAADvsOaKWEdlQp86Ap26tIY+QU1TMDRFREdFMTgxOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: XR1ARJW8X22yhv4EE7YpBw==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA28C50E
x-azure-ref: 0b1cMYgAAAADP+sxfw8bPTYdsoOnJ5kWbRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 13593011-701e-0016-1a05-1f5aea000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 21.501f04575d8ea63a6ad8.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 1 KB
968 B 8ms
8ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/21.501f04575d8ea63a6ad8.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3ae19d5d5f2ed1ba5aa1330f7c8a6ba2d7245f8b75345e9125967a38244c8bd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 01u8FYgAAAABGl1krW+dWS4IbWP61aiR7QU1TMDRFREdFMTkxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: /K/ybKXYhQRJRin4dTG9tA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA31E295
x-azure-ref: 0b1cMYgAAAACB2bEIK+07SpL2K8Alkrg/RlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 97b3bc08-f01e-0008-03a9-1eb632000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 108.24eb78766e6df1ed10a5.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 5 KB
2 KB 8ms
8ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/108.24eb78766e6df1ed10a5.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 621a5a19aa5f2305d640063ce171a1dbf194d96997c307cd1e93e37064af1db7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0teAGYgAAAAD5aWN5EhzKSI7YLUx7Rks6QU1TMDRFREdFMTkwOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: C3nwGP6Dofnc5RLaeVRJGg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9FAA972
x-azure-ref: 0b1cMYgAAAADJgWrWdAlMR7YVjd698k3kRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: ef87c446-901e-0021-0b49-1d8846000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 101.d04417fbb86564a642e7.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 2 KB
1 KB 10ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/101.d04417fbb86564a642e7.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 11393afb7a3f3bf4c1f74ae48166a8acc3ec1ef1adea6e5565973ffb1ab3a4a5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0hBAGYgAAAABqEKTgw+bFQ7wRY22ZTYSdQU1TMDRFREdFMTkxNgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: xJ6Lb7yrvDiEyKAuBGLGSQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9EE3450
x-azure-ref: 0b1cMYgAAAAANFE13wHnUTZlmrmFspG0LRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 81c3481b-901e-0043-50da-1e4a61000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 104.5c7710296d26dfedcfd5.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 7 KB
3 KB 9ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/104.5c7710296d26dfedcfd5.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c843edc49247a1622157e772890c0db223b1fd2f7c63f2059380a2c0e834a774

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0dOIGYgAAAACEedOFWIRqT7z3dxEw16NQQU1TMDRFREdFMTkxOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: pbFl3cI3lrl9OWDncbdOBg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9F2AF9E
x-azure-ref: 0b1cMYgAAAAAqW+J6JFInToeR5Pm1Rk1nRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b6697b06-201e-000b-6f27-1f5756000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 0.06ed6a9bed8802d60b78.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 272 B
572 B 8ms
7ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/0.06ed6a9bed8802d60b78.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: abc2e11580dc60819873b3b8fe41f91ee97b6a83b232851be271d31dd149ca07

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
x-azure-ref-originshield: 0My4GYgAAAAAlD/4WBiSySqgJL482bMi5QU1TMDRFREdFMTgwOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: INRkU5qGsOydjXXrn4J3+w==
x-cache: TCP_HIT
content-length: 272
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9F261DB
x-azure-ref: 0b1cMYgAAAAABTyoICr2TQ7L8wD0Rj/AgRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 1fca6179-501e-0001-1c9c-1ef3e1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 1.ef95075721889b82360c.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 561 B
840 B 8ms
7ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/1.ef95075721889b82360c.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: d95df2ffd409a6b4e7abafe600db3e91ad6e38b9666c894ccda238d8446f2f0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
x-azure-ref-originshield: 0hgsMYgAAAADHrsrIztE5SoYLb+pE4HvLQU1TMDRFREdFMTgxNQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: AqjjcA8JAIryOuogEPQHMQ==
x-cache: TCP_HIT
content-length: 561
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9F4E38F
x-azure-ref: 0b1cMYgAAAAAWtTJnJo5YQJ6pRTEh81LwRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 198e9591-301e-0017-46a6-220536000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 2.3d9324d8d8808deb026b.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 12 KB
4 KB 9ms
8ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/2.3d9324d8d8808deb026b.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 65c6f032dc0e37b082d7a18e79bb9134bfc232868039e071e044f9da88ad54bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0teAGYgAAAABlQR34sqYMTKX809cIpZvKQU1TMDRFREdFMTkxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: cpeolc3oPEJ7tHT2gsIAng==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA26DEEC
x-azure-ref: 0b1cMYgAAAADZAkxDa2QNRY7SDwK0EfN5RlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9d5ae4b9-301e-0007-1350-1dc05e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 7.82de3c47cebe7c9aedc9.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 17 KB
6 KB 10ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/7.82de3c47cebe7c9aedc9.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 1a1253124c25bd86e41410178ccbe94d5bf06dc6c02fff2c55acf26bc7292044

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0teAGYgAAAABWNA2M4lvqRpncUHjKpvCoQU1TMDRFREdFMTgxMQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: eFDZ1pIcUY0UczZHRDhSOg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:55:00 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA526559
x-azure-ref: 0b1cMYgAAAABNbAiXOiiPTox03Mn5o8wARlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 9a5e36d4-501e-005c-773d-1df965000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 3.3e61018615c649de32da.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 4 KB
1 KB 9ms
9ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/3.3e61018615c649de32da.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 41686712d0c87c7e6c31ae044bbfae89fff6dd8a39d3848b39fbea962d97f12d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0My4GYgAAAADuXenNIJJUT6RW2LNw1ftkQU1TMDRFREdFMTgxNAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: v5PYpFfKgeHEghst+B8WoQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735EA31A83F
x-azure-ref: 0b1cMYgAAAAAl36sv6RjhSoBoQOg0grL7RlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 41a78055-901e-001e-3129-1f40e5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 11.9c08ddd5f8a7e042a430.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 4 KB
2 KB 11ms
10ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/11.9c08ddd5f8a7e042a430.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 66241ee251ee5b131179dc059f66fbc4176d0bc857b53f15e924b47200d034d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0Lo8FYgAAAACgfGRGQvfuSLPKmALqrDumQU1TMDRFREdFMTgwOQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: SVW14MJbFF41Za9KNeB51A==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9FAE3C6
x-azure-ref: 0b1cMYgAAAAC4yVv0CZSIS63/pNKEYLANRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 12b11599-601e-0025-7b6c-1d0541000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 113.0eb1aa71a7b9fa1f0c93.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 4 KB
2 KB 10ms
10ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/113.0eb1aa71a7b9fa1f0c93.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 11c1e44ffac8a5a2af81c5808c80e78cf3a9e7c1587f6d6f80d24b1d44533b98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0gUgKYgAAAADsXfZMhgskRollMrcKFbE8QU1TMDRFREdFMTgxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: yfU+UGIJhVbFwULQipNARg==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9FD3E9B
x-azure-ref: 0b1cMYgAAAAAAdg4F05rITqPx/AP+KrQwRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 41e7ca57-201e-0034-240e-209ff5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H2 200 111.7a952bac94c0f17aae6b.js Show response
static.cognitoforms.com/form/modern/ Frame 11AD 4 KB
2 KB 8ms
7ms Script
application/x-javascript 2620:1ec:46::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cognitoforms.com/form/modern/111.7a952bac94c0f17aae6b.js
Requested by: Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 5a0b520605920267a38b9ba3bff2c57619e1b417359f23fae4d66753ebe5df71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 16 Feb 2022 01:46:23 GMT
content-encoding: br
x-azure-ref-originshield: 0teAGYgAAAADcf1nVM1MtSb7cbK2A8TtdQU1TMDRFREdFMTkxMwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5: kXVJf7tEvkur4Qzt+XBgnA==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Thu, 03 Feb 2022 16:54:59 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag: 0x8D9E735E9FE1483
x-azure-ref: 0b1cMYgAAAADlr0PjHmAvTKnKTYUpgZHLRlJBRURHRTEwMTgANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: b496e592-201e-0034-5191-1d9ff5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19

GET
H3 200 css
fonts.googleapis.com/ Frame 11AD 225 B
242 B 33ms
18ms Stylesheet
text/css 2a00:1450:400e:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700&text=Powered%20by%20Cognito%20Forms.Try%20It%20Now

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/154.8ce2b59188d13b55a652.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

408593915e0d55900fe4e1f774a1bc1fed5e0b87cfa3a537508ed5ce90fb2039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.cognitoforms.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Feb 2022 01:46:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Feb 2022 01:46:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Feb 2022 01:46:23 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v21/ Frame 11AD 16 KB
17 KB 41ms
13ms Font
font/woff2 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v21/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cognitoforms.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 00:13:13 GMT
x-content-type-options: nosniff
age: 523990
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 10 Feb 2023 00:13:13 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v21/ Frame 11AD 15 KB
15 KB 45ms
17ms Font
font/woff2 2a00:1450:400e:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v21/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.cognitoforms.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 00:13:37 GMT
x-content-type-options: nosniff
age: 523966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14964
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:56:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 10 Feb 2023 00:13:37 GMT

POST
H2 200 log Show response
www.cognitoforms.com/svc/ Frame 11AD 0
86 B 899ms
898ms XHR
text/plain 23.96.4.241
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cognitoforms.com/svc/log

Requested by

Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/153.9ca58454003a22b55cfe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=35136000; includeSubDomains

Request headers

Referer: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type: application/json

Response headers

strict-transport-security: max-age=35136000; includeSubDomains
vary: Origin
access-control-allow-origin: https://www.cognitoforms.com
p3p: CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length: 0
request-context: appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time: 2022-02-16T01:46:24.006Z
server: Microsoft-IIS/10.0
date: Wed, 16 Feb 2022 01:46:24 GMT
x-role-instance: Cognito.Services_IN_29
pragma: no-cache
access-control-expose-headers: X-SessionToken,X-Server-Time
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-request-time: 796ms
expires: -1

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.cognitoforms.com/	1970-01-20 09:41:51	Name: ai_user Value: QGIpN\|2022-02-16T01:46:23.817Z
			www.cognitoforms.com/	1970-01-20 00:56:17	Name: ai_session Value: CX7Ho\|1644975983960\|1644975983960

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cardsetter.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
freedomtaxrefund.com
ka-f.fontawesome.com
kit.fontawesome.com
maps.googleapis.com
maps.gstatic.com
static.cognitoforms.com
www.cognitoforms.com
www.freedomtaxrefund.com
www.google.com
23.96.4.241
2606:4700::6810:125e
2606:4700::6812:1634
2620:1ec:46::44
2a00:1450:4001:830::200a
2a00:1450:400e:801::2003
2a00:1450:400e:801::2004
2a00:1450:400e:801::200a
2a00:1450:400e:80e::200a
2a00:1450:400e:810::2003
2a06:98c1:3121::f
34.83.38.241
05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd
0945d33638716c912061eada03b6728110b77b2de1937dd3e1b07251a1ef3815
098695ed055199f9a99f3f7689cc444871533b9227764b0193025fdc6e78ab17
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0c6f9736cf91966550d126318c461a04f4f0d179161529ebe884e7e234af1c6c
11393afb7a3f3bf4c1f74ae48166a8acc3ec1ef1adea6e5565973ffb1ab3a4a5
11c1e44ffac8a5a2af81c5808c80e78cf3a9e7c1587f6d6f80d24b1d44533b98
1a0ba9ad4fee38586304bea3273545f7692a214ff2a3742f515b0c17de7c12b3
1a1253124c25bd86e41410178ccbe94d5bf06dc6c02fff2c55acf26bc7292044
1ca4c29158f1f930b2cf696a87f1a5c6e242efb401e6cec78e0986a7f732c55c
1d514a054f21f921ef508361726cd32a940e9e2e1ac414edd4391631af58591d
2107a3465e87623f98f69f02f7e5bd66b67268784ee211090f7502774ad0085d
23173c3ea07b31e220006cf4684515fe0d7b5e5b8dc23a10b388567eb9eafdc7
2f92407137772390642807181f66682460324b65bc718eff81238dbef9eda495
32c1cf52bfba378e0488557e63a71e251bd2ca5519fe73665d483d6f0f19584a
347ba305e0271a63c6194c4491c697c062b49313aaa5e1ee6119fcbaad653e70
35d4c53d144317aa45cb2ba8b17adeb73cdbb1a2ddbb8cfd9020b80a88d30197
36cee952a1cc4af1b3784e5f52731e544f323e198f32248ce18947ac80d27920
38cd770dbbb79722083eac0846f9d4776b7f2ac51c0fb498137aead03050b196
3ae19d5d5f2ed1ba5aa1330f7c8a6ba2d7245f8b75345e9125967a38244c8bd2
408593915e0d55900fe4e1f774a1bc1fed5e0b87cfa3a537508ed5ce90fb2039
41686712d0c87c7e6c31ae044bbfae89fff6dd8a39d3848b39fbea962d97f12d
48e413a76487cba709bc886dc65101fa4540e9fd7706d2df3aee616ce44b7dce
50e19d50d6bbabc48ee863b9904a7d61ed31813259e4f60d2a5d449235c77f1c
529c90edaa72f59d520b28990d2c221b4b75d2c27560213a8518d7669ae32a6c
52d5d24d30ef6cd9ffe67b7830bc6a58028142044a7e9e584e4bd685b908e0d6
58d1bb2f4f1e5a6ed723c936429b37a10c1ab9faa7bdfc8795caa09e61ae730f
59283f95a847220905eb3934b86da7c752a4b1f7581852876189cd9cedf5174a
5a0b520605920267a38b9ba3bff2c57619e1b417359f23fae4d66753ebe5df71
621a5a19aa5f2305d640063ce171a1dbf194d96997c307cd1e93e37064af1db7
65c6f032dc0e37b082d7a18e79bb9134bfc232868039e071e044f9da88ad54bb
66241ee251ee5b131179dc059f66fbc4176d0bc857b53f15e924b47200d034d9
69a2532196c3fa6b003bab159a9af83a56fec3e189a450c3eb9c4b1122a3bd17
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6d76ea937dcf5533f1fa4a1d930ee8208cb538cc4ff0b1728f657f4c606731b5
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
793817390b35bd74ec65da7f2a25f446089ffb34d71576fdb104838a841cfd9e
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
83650a375a2c74ed05d8ee0aa33eb8a298e623eec2afa970382bf0065f9f3451
83c0510a92f130a0d189183d4e148c2ba37b08265f75fff578300b12fca7a5a3
8a675aa92f8534908d01185a7ca590565615ee4385a88a5b5a789395ee359694
8d83b16e8e509c614fedea4b882cf8d045e4f195506a5184258b68bae8693069
9473375ad87ce6b6a0ffcf10091df24b56b0492ac233b5d106716f4a728ec71c
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
987296189f8b1a81e92753d3b1e6ead067e68b362ce5315ac6af4ecc18ca9272
a5490df5af20a737d00e6020ad9801673b3b43a9da5905ca0f84ad71ec0b1173
a96b79230a7166f85e822caf6ebc7f0481a83c98099e1004c5b9b9aba3c4743c
abc2e11580dc60819873b3b8fe41f91ee97b6a83b232851be271d31dd149ca07
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b245b27f8ac2e960c979c5d82925c30e217524874881eac4675452849e5a435b
b288f8084ddfa04718f11624c44a12eb91b87e09654afcb2c9567949c470ad43
b7fcf1c20c5f23a23d5487b6b6ec1122d00eb5ca22f694af86ccc6aa2b0b3c5d
b810cb33011deed26409b4712ba37631f155248959015d6e41f40e7c7d2f3c2d
bf85f082ac0307f67e36e703a07cd187c3081bbb396f42c4c6a3470cdc9fae80
c47f95e9a29b4fcad6992ec3cfa56b9d07e52d1e66673b4b97d52a8895d96676
c647453a432159332ad3cb5df3c7e122b0e1c03ddcc420a0e2aca1d5d53d0fde
c843edc49247a1622157e772890c0db223b1fd2f7c63f2059380a2c0e834a774
c94927a230b441711db5512dccb43c84fcecce42c1961e9eb91f9fc4dcf99b0a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d95df2ffd409a6b4e7abafe600db3e91ad6e38b9666c894ccda238d8446f2f0f
da4ce6a7f2dd3eee8d5424c9b9c1ea0e5ccacd5797dbb10375a8a489b9f3c993
e03cdc1caac9c533c272d90d66283fc3a9302e0a44df542188821f3cdcab326f
e0828d30d904cdb14a90cff420541165a1eb0567dee4300186565f367018fd06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8
eee5ebb47afff7b721c9a558a3521342370e4466ba4bd01357364672ae384681
f8d6c91271d85f726d1ebd434e4fa3af40d9db3ef79ff334ad5cb1e291231b16
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

freedomtaxrefund.com Open in urlscan Pro 34.83.38.241 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

100 %HTTPS

83 %IPv6

8 Domains

14 Subdomains

13 IPs

3 Countries

1269 kBTransfer

3900 kBSize

2 Cookies

2 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

freedomtaxrefund.com Open in urlscan Pro
34.83.38.241 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

14
Subdomains

13
IPs

3
Countries

1269 kB
Transfer

3900 kB
Size

2
Cookies

69 HTTP transactions
1 data transactions