Submitted URL: http://irstaxrelief.co/
Effective URL: https://irstaxrelief.co/
Submission: On September 30 via manual from US — Scanned from NL

Summary

This website contacted 15 IPs in 2 countries across 11 domains to perform 92 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is irstaxrelief.co.
TLS certificate: Issued by GTS CA 1P5 on September 1st 2023. Valid for: 3 months.
This is the only time irstaxrelief.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
47 irstaxrelief.co
irstaxrelief.co
2 MB
16 leadshook.io
hendricksen-innovations.leadshook.io
static.leadshook.io
polyfill.leadshook.io
1 MB
9 gstatic.com
fonts.gstatic.com
95 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
249 B
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 1878
www.google-analytics.com — Cisco Umbrella Rank: 96
21 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 229
167 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 410
29 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
67 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 111
169 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
10 KB
1 cloudfront.net
d2zdr2rqflfo3.cloudfront.net
413 B
92 11
Domain Requested by
47 irstaxrelief.co 1 redirects irstaxrelief.co
9 fonts.gstatic.com fonts.googleapis.com
8 hendricksen-innovations.leadshook.io irstaxrelief.co
hendricksen-innovations.leadshook.io
static.leadshook.io
7 static.leadshook.io hendricksen-innovations.leadshook.io
4 www.facebook.com irstaxrelief.co
hendricksen-innovations.leadshook.io
4 connect.facebook.net irstaxrelief.co
connect.facebook.net
hendricksen-innovations.leadshook.io
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cdnjs.cloudflare.com hendricksen-innovations.leadshook.io
2 www.youtube.com hendricksen-innovations.leadshook.io
www.youtube.com
2 www.googletagmanager.com irstaxrelief.co
www.googletagmanager.com
2 fonts.googleapis.com irstaxrelief.co
hendricksen-innovations.leadshook.io
1 d2zdr2rqflfo3.cloudfront.net hendricksen-innovations.leadshook.io
1 region1.google-analytics.com www.googletagmanager.com
1 polyfill.leadshook.io hendricksen-innovations.leadshook.io
92 14

This site contains no links.

Subject Issuer Validity Valid
irstaxrelief.co
GTS CA 1P5
2023-09-01 -
2023-11-30
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
leadshook.io
Amazon RSA 2048 M01
2023-02-24 -
2023-12-06
9 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.google.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-04 -
2023-11-27
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-07-09 -
2023-10-07
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2022-12-08 -
2023-12-07
a year crt.sh

This page contains 2 frames:

Primary Page: https://irstaxrelief.co/
Frame ID: 18E925ACF22FCF1BB034F9D361469E6B
Requests: 79 HTTP requests in this frame

Frame: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Frame ID: 33291918D37B1748A2AFAB0DD7381B55
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

Instant Tax Attorney – IRS Tax Debt Relief

Page URL History Show full URLs

  1. http://irstaxrelief.co/ HTTP 301
    https://irstaxrelief.co/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <div class=(?:"|')[^"']*elementor
  • <section class=(?:"|')[^"']*elementor
  • <link [^>]*href=(?:"|')[^"']*elementor/assets
  • <link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

92
Requests

100 %
HTTPS

73 %
IPv6

11
Domains

14
Subdomains

15
IPs

2
Countries

3176 kB
Transfer

9437 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://irstaxrelief.co/ HTTP 301
    https://irstaxrelief.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

92 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
irstaxrelief.co/
Redirect Chain
  • http://irstaxrelief.co/
  • https://irstaxrelief.co/
101 KB
18 KB
Document
General
Full URL
https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7bb50f6b2fe1669823aded1f118d5c9d47952c9465d658649f84f183e3ecc13

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
1656
alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
80ea13f83b860bc5-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 30 Sep 2023 05:31:09 GMT
expires
Sat, 30 Sep 2023 05:03:33 GMT
last-modified
Fri, 29 Sep 2023 23:14:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cvy8VK%2FmlrStKsK%2ByeNlO84CSVbxgQlG1fIh9dyXDuEwTKVN%2F%2Bpwkvqr3JBlxQus%2BppPIeYxx8B9Yg3fLSfxs1%2B2DoJTZxaLNxMLsaR60hwAXOP8CLcIHP6E2MrmnR%2BxOcZJu3EfkESpCihbGNg%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-cache
HIT

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
80ea13f3cadc1afd-AMS
Connection
keep-alive
Content-Type
text/html
Date
Sat, 30 Sep 2023 05:31:09 GMT
Location
https://irstaxrelief.co/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgwFfqMnN4KR0UCFGnDeZqDh4gb1iIGTZA0ULctqpq6e95dJWt3ermypFbhwBW%2B9AW3Ic55Bv0f5HiJ8O%2BkrbRrdUknZ9OBSLh1zm4zp3gPLu0N9dl4VDtchFoGrAegBeVwUA97uyux3cMUe3fQ%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400
css
fonts.googleapis.com/
47 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
07c9873c5d2ffb2aaab1a798fa024ce5c08a2ab5cc9ac7814283e7ff80890447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 05:31:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Sep 2023 05:31:09 GMT
style.min.css
irstaxrelief.co/wp-includes/css/dist/block-library/
102 KB
14 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 22:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d2c602-19824"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Di3YlqHsfFpvLHyLgqOlc1f3lFMBuDlG2TBCLrgxoJqKbNuaMqWKeoIvJ%2FBPelHRIEkZVv6OTzFxwaluUj2u9BTVxdrf5H8rkJWqVlpDuA0FfTT2V2M5%2FJYH9DChhOHF0MYry7MQQJ%2FaEr1epeg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d280bc5-AMS
alt-svc
h3=":443"; ma=86400
custom.css
irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/taylor-plugins/public/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/taylor-plugins/public/css/custom.css?ver=1665006816
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae425b1366b7e83a9601e88aa4533dff0cefba80718b5b66bd8204ed967c3312

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:53:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfce0-1384"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BaVCZJLfdWZdWQSDAmVaMdslMzBdZB7LkUMrqYGHDMJc1YoL%2FDczIuehNrCPUjvw%2Bdbuuvq4F43v%2BcB1Iun1kQNGUCj5oGHTjy315Aoh7UCRrhINcFizyRUFsJQBlFc9%2FfjQDntdf61hOU8EJIQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d290bc5-AMS
alt-svc
h3=":443"; ma=86400
style.min.css
irstaxrelief.co/wp-content/themes/hello-elementor/
6 KB
2 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/themes/hello-elementor/style.min.css?ver=2.6.1
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbdb1eb69c6b5cbffaf1be2df2bcbd4a97d2823de9f4b856aae722900a5e27c7

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 22:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62cca267-17a3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bibUSlNZsX%2Fwb63fEOaoQR3eOY8OUsEgKfS9dYPdU3O17Thwjk67QU7Zywbanml%2FbtDgCY3qWGvhXoDcla7qTD7cgd9IrN1jlD%2BN2itXotGtOONs%2FtftyRGCqyqhw4TBhAlFzcmcwP7io%2Bwp4GY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d2b0bc5-AMS
alt-svc
h3=":443"; ma=86400
theme.min.css
irstaxrelief.co/wp-content/themes/hello-elementor/
15 KB
3 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/themes/hello-elementor/theme.min.css?ver=2.6.1
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eee1ce2620eaf7f585a69794864001be0bde74b874d6a18b9f2d11f074229f2b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 22:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62cca267-3d38"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpuoGGMMuyyoVyG8rByRcPopMWATv6sfYlOdMr32NR8hVSG7Jcf8Zqd2Cfq7gzmW%2F4awNYcImSOM5QI7ozAWHDbDFfmHDXa%2ByiYmI8MKq2ir2Cm8PCNB0UJ2cdORzay6M2K3jq52rHeXt1%2F6dkg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d2c0bc5-AMS
alt-svc
h3=":443"; ma=86400
frontend-lite.min.css
irstaxrelief.co/wp-content/plugins/elementor/assets/css/
106 KB
14 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.7.8
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b370f6233409b571bdb0abef8bdee915f95fd28740fa9a1f28953d1037eeb232

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-1a78c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2ByTCHXTCWiBBpSQnC0ZkU3L1kGKayiHLkaVOnExpLA32H8PNyyWe7tebyafObdUfKZ4ycl4htz4sKhInouR%2Fz1JZgse%2FSbCAai%2Bx1n2VcLSXJxtJqAD9DBif89m%2Fl0llBJGs0kvOzDbEkIRsE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d300bc5-AMS
alt-svc
h3=":443"; ma=86400
post-5.css
irstaxrelief.co/wp-content/uploads/elementor/css/
2 KB
882 B
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/uploads/elementor/css/post-5.css?ver=1665006814
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35ce49a8411f941ebfd58091a9206b2d87fb270da70dd2abdd9c9225101dcf09

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:53:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfcde-8a5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRPwbUPCZmGYHoc7rlBGqut5mhk5s0UB5bi2w7LTnIgICGHSb5zN7Wys9jI9MGOJGFulbAJQKteMEVQGE%2FzhMRx4kKp9dhNHp%2FOC1t29dfOkZs5QN%2BRVl5OIYCYYcB4%2BCY12EoB1AKiGm69l1J4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d310bc5-AMS
alt-svc
h3=":443"; ma=86400
elementor-icons.min.css
irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/
19 KB
4 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1665006816
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
076546002a8b8baa066718b45d88e23a67288d83e4118115579088e61cbbecda

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:53:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfce0-4cdb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=APymeM4vZhYTXDMLx0t2ifpj4PrCrY4tt%2B9eUznGO5LIV2q%2FH9GBqRhkfpBRB%2Fm6jipKk9yZ3Ki9iWKBJDXstFglEuzkMnO%2B%2FbnG5iGTs%2FmOSMpcFm57YXaG7RCXAEnbAHKy15Kn%2FkVoQlXGaHo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d320bc5-AMS
alt-svc
h3=":443"; ma=86400
frontend-lite.min.css
irstaxrelief.co/wp-content/plugins/elementor-pro/assets/css/
11 KB
2 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.7.7
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b37cfbed115311e2234d160428f52aad1a8baae0edbd0f5abeaa3115495a19f1

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 21:57:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632e2bba-2d0a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pU%2F40Bs5HMJCILb3ttcuivZH9H3F8srWnJA0r3rDzbUuvr6mv7B8vU%2BTz%2BUr5emW6wWJNBDWxbBJIgKT644dHUKXz37HW19Gddcea4yCMHBl%2BOAy4%2BzBGVCkXJr24lllAU8CKjrFj0iiDizEg3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d330bc5-AMS
alt-svc
h3=":443"; ma=86400
global.css
irstaxrelief.co/wp-content/uploads/elementor/css/
73 KB
4 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/uploads/elementor/css/global.css?ver=1665006815
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26386cd10f3a3c472b22bc53b085371bc9364da0965448f67a63e17199bcd988

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:53:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfcdf-12306"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xmqu6jUOjwABZ7JCjkpMy9KmyWnEcUxk25DG4UwYCgm%2Fo79pvbKh%2BpydRt9y1e8PQx6Gx7N0EotQOr%2FqK1etlEopGaVoLdegFaMHK7WWH5HuLlDTrtuLIBAYsH%2FvzLOF8E4VKWaaGITpgWcfUU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d340bc5-AMS
alt-svc
h3=":443"; ma=86400
post-14.css
irstaxrelief.co/wp-content/uploads/elementor/css/
56 KB
4 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/uploads/elementor/css/post-14.css?ver=1665114295
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8e66c68cc11100b0d7021af4be447d0c7fc6eed5086b2519ca01e619e6ef5ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Oct 2022 03:44:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633fa0b7-de23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jtMq5f12qKN2ijiemFaC%2B%2FBaMjiquizEQma14OMBb9FHiKK1oIkrxF3319XewYTconMu4iaz9UsS6Xde4VEiHUWKQSmCCz3UeYc0XisvmWkuXUZp5MSN30LGQlXRfFIPm6i%2BtZi1tU%2FP5i4akS0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f99d350bc5-AMS
alt-svc
h3=":443"; ma=86400
post-11.css
irstaxrelief.co/wp-content/uploads/elementor/css/
832 B
522 B
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/uploads/elementor/css/post-11.css?ver=1665006815
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c64f7cc07a9e54553311d088dab88ef7cbde4788794d3468ea8e83f7702a9635

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:53:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfcdf-340"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PtDtXfHEyWO35QAA4ERisW%2BGzVddyjw%2BFIsACq3p64s7RNp2rMeZ0jSQzX5k6KCULNxC4T%2FFnLdCO8BJgiSb9GpPcicrqXBD3v8PhemSitWhTY7aL3zhXK5SDCx7OufMBkk30%2Bx98ragIPuHXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd7e0bc5-AMS
alt-svc
h3=":443"; ma=86400
fontawesome.min.css
irstaxrelief.co/wp-content/plugins/elementor/assets/lib/font-awesome/css/
57 KB
13 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-e238"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rap1INr7mmkd2h8bkWnFqMZmc7SHWsQKSpurZ%2Fcr5P9ubogsHphHnfBSBWLFml9e5Qwz66tI9bEJBRgGxHK2BdlBXkaWu4PcxfjoB2P5NB%2BAOyr9USI47XDspFhocZAPKwYSJLTaMWaos0GgYdA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd7f0bc5-AMS
alt-svc
h3=":443"; ma=86400
regular.min.css
irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/
1 KB
623 B
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1665006816
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f42fa1fe21c3cdf7ccfa09bfb44d1325bd3713e1ddb82e661e2c28002eef957

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:53:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfce0-442"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NTrtUk221TeyYLSLUClhq3ThLwybUC3p%2BsCjJ0lG%2FARKuSln50kiEjAXn5JvV1Nt87V2p0idAbT98PXi3RJrBXup74NPwIg24eTWlkX16uYxRu9tC3t7QUu%2FAn%2FJOa%2FzdVa1KB8M3vZjQV3cEzM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd820bc5-AMS
alt-svc
h3=":443"; ma=86400
solid.min.css
irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/
1 KB
647 B
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=1665006816
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:53:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfce0-43a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uLr7ujrl3Wu%2FGguhKIQf1JyAUtn3AkiHDenwPhQBA2hL6ljpGsmsafquGVZ%2BuVvtr63IR0QgFH4DkZg0v9PN9V08Rm26JXb036wk5a3vvY%2BZUr0RHCuWDliJR3ARgqE0EtGuUkOn1q%2F14lBXVLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd830bc5-AMS
alt-svc
h3=":443"; ma=86400
jquery.min.js
irstaxrelief.co/wp-includes/js/jquery/
85 KB
31 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 22:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d2c602-155ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d18Ab7b828zhGNT6CETWBuy5Wpap0%2FXvPaOG0ECerIFO8bDn%2B1QeECSWmW704X%2F1nKrIUh%2Fe4DBZAbCSChAivYzi%2FlampFmY0otitMbvmELTyoTCHdTrp%2FdVKhFZWiNHh91RGqIChKXzJ9RpTsc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd860bc5-AMS
alt-svc
h3=":443"; ma=86400
jquery-migrate.min.js
irstaxrelief.co/wp-includes/js/jquery/
13 KB
5 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 22:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d2c602-3509"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BCw0I1KJQSq5jQomAaCgNvK4WQnK0GX%2FgPxQXASqFlnupWkBuc00qV5WrQpHajcNOglYPRLfjVgcqltpEG0M9LjSHHt9QHOLrlla3P53Et6a%2Fv6TQgJoylxilTLhyEyFn3VDsGKfNFUbDLBBURY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd880bc5-AMS
alt-svc
h3=":443"; ma=86400
custom.js
irstaxrelief.co/wp-content/plugins/taylor-plugins/public/js/
992 B
876 B
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/taylor-plugins/public/js/custom.js?ver=1.0.0
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58b9222fa1a1cd4ef0c0f1f537ad8bde859d0dffcab04a8b46c5a16bcfc24e5a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Jun 2022 21:38:29 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62a3b9d5-3e0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fnNL5MMqdyPkfid3gnKkM9yQfuOtK4bzILFpLrX4qcvcIi9afQy63Z1t13in3WUKJ00hLnzTXXWBNxQaLVG5S6myM1cL5a0zVkHoegA1XQrvyhlsjffYRmnN3C2zTTwRvx%2B1OW%2FNYmIlkRXPgtI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd8b0bc5-AMS
alt-svc
h3=":443"; ma=86400
js_embed
hendricksen-innovations.leadshook.io/s/
13 KB
5 KB
Script
General
Full URL
https://hendricksen-innovations.leadshook.io/s/js_embed
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
e6c1823bc1d37e4707ef75e6370d009fc00d687021e6cb0e7ba8f4539478188a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
gzip
server
nginx/1.19.9
x-powered-by
Express
x-cache-status
EXPIRED
vary
Accept-Encoding
etag
W/"3298-JCjSes/ODOSFfTbJviMbwoZvdLI"
content-type
text/html; charset=utf-8
widget-icon-list.min.css
irstaxrelief.co/wp-content/plugins/elementor/assets/css/
11 KB
1 KB
Stylesheet
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af8e0c2f9a98f639588c7b32f93643c644c7ae463c7e52a9efa56619cb0fb6d3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-2dff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a24ZQjxEH9W0gs3c6W9pkZNqq0MR1nKtAGE%2FD5A%2F9cc0Ao1abgGOQoZGZzxJEei%2F6YeKjVCmRfSfqO6I%2FQAL1KUsZ1zhhQ%2F941PtoWRkB9HdYHiPEyevT06tQLts6u9iuriyVc%2F45WRrNp9Fuq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd850bc5-AMS
alt-svc
h3=":443"; ma=86400
hello-frontend.min.js
irstaxrelief.co/wp-content/themes/hello-elementor/assets/js/
3 KB
1 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/themes/hello-elementor/assets/js/hello-frontend.min.js?ver=1.0.0
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f161501494bc2f199eaf414c3104318a00e2072f272ebce45540eef58cfb08b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 11 Jul 2022 22:21:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"62cca267-c5c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJS4gO5rztv4m%2FbrgLFfEEb2nv0wjvaz8tSL2ftkR1e2THhtdPy4XEq7oVVQYeKCmffFPfC7PCtYdwMdI10s3MXT9llslRirRQIqI8Rn%2BHU59%2FOUP2NxdX9aE6gRav7MSUwZyNkmEyWnWwXTXmU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd8d0bc5-AMS
alt-svc
h3=":443"; ma=86400
webpack-pro.runtime.min.js
irstaxrelief.co/wp-content/plugins/elementor-pro/assets/js/
5 KB
3 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.7.7
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f032f0b942ea9f4bd771ddb2262c518e948328a305a5268dacc74f3eee364514

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 21:57:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632e2bba-1440"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qw%2FcC9Zzdj%2BK2QwRJIVwBQ6oCV4kOAxDnFgSc%2FC3Ziw4Tw3wzLcMuxcBfOotOcmjMGuUOLE5N6ZpPwRv8AqlCZ1zHrKqrxuciEFC0SK5XvtZjci84c%2BZyUhpuiYAugxk6g3%2Be8WiA2WvmacVYPk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd8e0bc5-AMS
alt-svc
h3=":443"; ma=86400
webpack.runtime.min.js
irstaxrelief.co/wp-content/plugins/elementor/assets/js/
5 KB
2 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
189526e3c25dc1cd28633db393e38d926f86432f000908ed3f55aaef43778cc0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-135d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FQkChcwDeDpiP5kYvhpKBSQjL%2Bhk%2Fdx4GhVVRvPzuULJaNRyZulY3TLLPDQOM4PRKKW%2BAuflYcJ7y4mh4yGzN9HtAVzPInWdK48%2BOMVzYtyPrOiNsvWOakIcT96e5Xzm9aSyG5R%2BYSwjpyYWL8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd8f0bc5-AMS
alt-svc
h3=":443"; ma=86400
frontend-modules.min.js
irstaxrelief.co/wp-content/plugins/elementor/assets/js/
32 KB
11 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.7.8
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b5283387ec103868d83ebcb8ed6516cf4b29fa6c1490991ce3aff980aadfe02

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-80a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FmSKwaW2mi97VvRrIGYUrSqUyFCPucE6jEnZl9RmpXjG4xky%2FiHK8IlEiwnXhl6y4pEc%2Fcu8tKgxpMDLuYxJOU2NtC8%2FnmN293AmX42bCwc87MQrY50UKqgP6j%2B5AdXepNx4fr8vrExmZtJPjaw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd910bc5-AMS
alt-svc
h3=":443"; ma=86400
wp-polyfill-inert.min.js
irstaxrelief.co/wp-includes/js/dist/vendor/
8 KB
3 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 22:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6424c221-1feb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=texTCVSl4zcOVEvsfSNrMxTCXlcdTHJPmE%2F72pSRzfXpfcg%2B59LultlU0wXPsSkseiccSiFKYmnOGsoqCZn6oRjHEDDvnOV6rcIzPidNN8kSnoT760v0QpW28G2d5EpeJmz0UTD7MaNgzu%2BFN6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd930bc5-AMS
alt-svc
h3=":443"; ma=86400
regenerator-runtime.min.js
irstaxrelief.co/wp-includes/js/dist/vendor/
6 KB
3 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 22:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6424c221-19cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nDd4SABzcTTEaNNbQzU%2BGP68k2dUQWnLvTWuMyrPsFX0TDjhdMzsxgNtfzA92WYQF%2BsggZgRwF7XnoAL754ZAMwru8MsvSLXBAc5%2Fdd2SfxUikdsmSdPxBz%2BawANPYpxD%2BMuAqGOfojJ2ueHzF0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd960bc5-AMS
alt-svc
h3=":443"; ma=86400
wp-polyfill.min.js
irstaxrelief.co/wp-includes/js/dist/vendor/
16 KB
6 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 22:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d2c602-3f12"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LfvjvS7kRTUYfTkcEzPSS%2BQN6YlOLbrxIcAWY3To7bhrDH%2B1NLGqU2YFHHg8ye3sZjc2X%2FVNo%2FCGiMt7ZWEJkXjR4Cnx%2FwSVDFGbDgEl%2F9H6ROf84kF4umfHiObmMQOLuyzOpwOkIdXIFxU6Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd970bc5-AMS
alt-svc
h3=":443"; ma=86400
hooks.min.js
irstaxrelief.co/wp-includes/js/dist/
5 KB
2 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 22:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d2c602-1213"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOh6K0h%2BgNMuGpp0UCpDH8ziaBD0SV2TKWxIO5bX5X%2BByHnwHDl46cf3CSdRSC1HSuQpBGse2GFq5YXDYF5VTkvUDS7%2B2Onn1NdPCDDK2711%2BRU5jH7qXfmi4TjmiOFfcAm4QLf9Vag26ydTHag%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd980bc5-AMS
alt-svc
h3=":443"; ma=86400
i18n.min.js
irstaxrelief.co/wp-includes/js/dist/
9 KB
4 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 08 Aug 2023 22:47:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64d2c602-24e5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWUB%2BBlxlRQkprorlecbQgnFUHJnBKX%2FhcjOVCE9h0BcWP4y%2FJyz1aN3CPfr2JQybtRIp8u0iilY%2FM%2FCkwvsKVseMfOzGxx4Zd5v%2BDtfPww6WDKO9le12pEoKb5Cby9wU%2BAXbg%2BKIEuZKpnaaHw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd990bc5-AMS
alt-svc
h3=":443"; ma=86400
frontend.min.js
irstaxrelief.co/wp-content/plugins/elementor-pro/assets/js/
21 KB
6 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.7.7
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b00cbc0ab0a8a635ebeaf832cc1e0775145b3775e617ede3c1e45f19681ffcba

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 21:57:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632e2bba-53a9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fN87UO6ec4RLCNUxgCWVJ4DZ6ucGQZ6cXg0wrMjS3MgXvFYasEkQnILqAfzuMvF9EuoKE1kdT1gDiuiS21xAd2MKsEpBqVgmXmxScXXKnPGAcR8IJjVoGCyqtGWUNwMDBX7Dkwhdr8jjGev1e3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd9a0bc5-AMS
alt-svc
h3=":443"; ma=86400
waypoints.min.js
irstaxrelief.co/wp-content/plugins/elementor/assets/lib/waypoints/
12 KB
3 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-2fa6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2FG36RWUfL7qzaWqyVz8pjqfNnkf%2BzD%2Fr1VPp8%2FdXIr3l9eq1TN%2FVU2UX93Qsu4HQxdcPfuPQ%2FzTXJv98vN2OhbJ6wAPWO1DLgn0F7wsPXBv%2B0wUBF05YJNuscRe0R5y7O906XQd%2BVMlMOlAs1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd9c0bc5-AMS
alt-svc
h3=":443"; ma=86400
core.min.js
irstaxrelief.co/wp-includes/js/jquery/ui/
21 KB
7 KB
Script
General
Full URL
https://irstaxrelief.co/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 22:56:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6424c221-53be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LcY%2BxNXYh%2Fy2lVx5ux9qSwq0SI6Jar2RzPnyLt0bdZg7HzrmsDSQiDZEcbmsI0YB7F0HIonjh7brBXIAmGTfJ4hVGnLgse9e%2Bg6CM6XlhYxN6okPPjXVUh6NU61u2E1Mr8Kp9M2LBtvcdXNg4%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bd9f0bc5-AMS
alt-svc
h3=":443"; ma=86400
frontend.min.js
irstaxrelief.co/wp-content/plugins/elementor/assets/js/
40 KB
13 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.7.8
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e4b2020366cf0e467191b309fe8f9a946228e2834bf2c053ae7cb8facb1d97f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-9e41"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u4idvthVPU0CKGElNUlXF0BCdaeo7QMSFRokvCQZrLIWfk4Y3ohgUs3NhSO5x7wBha1pSS6hpkIVJv8hv5at8xOSZqN5yby1RznPBHiUb3E%2Fl%2FjNJHbFhXrx52I1%2BccJF9zgHUZHjiEPez9O0qw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bda10bc5-AMS
alt-svc
h3=":443"; ma=86400
elements-handlers.min.js
irstaxrelief.co/wp-content/plugins/elementor-pro/assets/js/
24 KB
6 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.7.7
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf318affe78386fd3458c28d3148eb84d7443f8ccf8ad74088f5f051c50b9ba4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 21:57:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632e2bba-5f3e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MjfpPpgE5GuipE2i9%2Fdg0TRS08tv7yCHfeAH5cagElidRmoubQkBrafe%2FPQh6cJbyu5OvBqzcRKFjhVKe5vsD9JYC6kDi5HcVCm3KjhcimyVHWSjs15%2BLZD%2F8KLtmPjd89J9IBFZWMoqkuLF6EI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bda20bc5-AMS
alt-svc
h3=":443"; ma=86400
jquery.sticky.min.js
irstaxrelief.co/wp-content/plugins/elementor-pro/assets/lib/sticky/
4 KB
2 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor-pro/assets/lib/sticky/jquery.sticky.min.js?ver=3.7.7
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec33c581d5e02e4431f1afc6396a33f1637ad979a3412a2ecc237932af3c8a0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 21:57:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"632e2bba-e78"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkdymG8W%2BQmPed8Zc1uKoxmCrjHQuLgzFNQ89YOkFoOJQCfyPcX16GU8f69oU7ypmgsi5sqDKueefCwhHnpt1w%2BHmNOGQEUlcz3qc61GRbryiyMzLwQnbqZPcCi%2FbXiLc5RWE0itaeUnSJh6gmA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13f9bda40bc5-AMS
alt-svc
h3=":443"; ma=86400
lazyload.min.js
irstaxrelief.co/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/
8 KB
3 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc23-2063"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zP9OChORevAipDGO5vEKrW6XiYFBeIfsFYV8g3hMn8EWcEmfTeA%2BMsUwMITgyWnOAvXc%2BtApArJKznrbSUn72ZsJwrW5x2F%2BLaFTPX2hmz%2BS21raSb1%2B9sB1q4xQnUjlFZUAahg6ArwSE%2FjcNsU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13fdd8f2b969-AMS
alt-svc
h3=":443"; ma=86400
gtm.js
www.googletagmanager.com/
240 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W4X83RS
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f31759b3d2030d29b52af5d5241ccf43c18f7def17296276c5ae3321775cc86a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
86733
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Sep 2023 05:31:10 GMT
truncated
/
69 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b90300815db52a38326ef42db99656a68ee8b1bc180ab6abcd5eae9149b24144

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
css_embed
hendricksen-innovations.leadshook.io/s/
10 KB
3 KB
Stylesheet
General
Full URL
https://hendricksen-innovations.leadshook.io/s/css_embed
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
805f109c4c821372e30f43d7d288fbadf88d62aaa3964fcc432f06ecb5909280

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
gzip
server
nginx/1.19.9
x-powered-by
Express
x-cache-status
EXPIRED
vary
Accept-Encoding
etag
W/"29f5-DddodIoJxOqyAN0ovxTvHpuqRlo"
content-type
text/css; charset=utf-8
ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl
hendricksen-innovations.leadshook.io/survey/ Frame 3329
175 KB
26 KB
Document
General
Full URL
https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
cfa78307ddf4f855127dc53edcd4f16028052ab1a48212193b3c7d52cd88af15

Request headers

Referer
https://irstaxrelief.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 30 Sep 2023 05:31:10 GMT
etag
W/"2bdd9-flryms9qal98hUNzUADokQNGRzs"
expires
0
pragma
no-cache
server
nginx/1.19.9
vary
Accept-Encoding
x-cache-status
MISS
x-powered-by
Express
x-username
undefined
iframe_api
www.youtube.com/
993 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/s/js_embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
18614606d320439a121e4f4b77c33b944d9cef43ed48cecb48e8b4428580a803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=nl for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Sat, 30 Sep 2023 05:31:10 GMT
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d779e15618288d4d715c38039a70a0e2a7a139651a39803cc91f6df788c1f0a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00cd51382f2cc1c51288469feb95888f7e4beb126e377452b26b80244f409f7f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
47fb6e967d823bdb76acdbd458fa46b9138be5aa3f125b26b477b7312cf62599

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11b988ad95739d6b5c7fd4b2a033e5f21ac28de03da98e600e5132e6ba78646f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Thu, 28 Sep 2023 00:08:32 GMT
x-content-type-options
nosniff
age
192158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 27 Sep 2024 00:08:32 GMT
fa-regular-400.woff2
irstaxrelief.co/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/
13 KB
13 KB
Font
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-regular-400.woff2
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1665006816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951

Request headers

Referer
https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/font-awesome/css/regular.min.css?ver=1665006816
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"633dfc1e-33dc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DSHj5um2sCn5whr3IydrcLvcLISTetgSH%2BmRHId0rpw1GsL1%2FC3yOBLVPt6N92OyaJ6SYAVShKu%2FLOMbkOy8hPkYvEgnLk8nfrxjOLpVdtXnie8Wrn2EwHCdrpMvN510UMZmXdZChjG14dCvDfQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13fe1943b969-AMS
alt-svc
h3=":443"; ma=86400
content-length
13276
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 07:45:30 GMT
x-content-type-options
nosniff
age
337540
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 07:45:30 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 16:50:19 GMT
x-content-type-options
nosniff
age
218451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 16:50:19 GMT
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e473b99d06c831a749697194cfcfaa225f324bdba152002b44d5d7ab1559bea

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
67 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cdb69fa70a5f1278ecaaab1ba6606fe5ba6e7af7404cd05cbc9f1a28622be5e6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ba3544888c16ea37a9da809bd4628a3d32dc783299376fadabb6ed485e988b8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
beeefddc7bc976a55d91c514398d309c3ce9de06381ca4a7b215d799d2fdd64d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
68 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aab6b08c75834ec555a87c4a633c9b41f4a90b3fde2d3971f3d3c96ff278597d

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

Content-Type
image/svg+xml
instant-tax-solutions-office-staff.jpg
irstaxrelief.co/wp-content/uploads/2022/09/
115 KB
115 KB
Image
General
Full URL
https://irstaxrelief.co/wp-content/uploads/2022/09/instant-tax-solutions-office-staff.jpg
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/wp-content/uploads/elementor/css/post-14.css?ver=1665114295
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a95ea75f41cf76aa5f8eaab3095d653610966a126b02e6d1395f85410f3384

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/wp-content/uploads/elementor/css/post-14.css?ver=1665114295
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
cf-cache-status
HIT
last-modified
Wed, 07 Sep 2022 04:07:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63181904-1ca4a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hbn5sxdz1QI%2BRpp%2BnKY74YxJRF30LvXBHisM6b1oQExl8NA5GWOAANykrLwUwLSiCQkig8AOyHIiO8nv069rvwFo621ltVQ%2B7llmcNgqU0gzaARl9zqV%2BMhHGp6G%2BP%2FvuurNv7RrEA8HagWNXKg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13fe3966b969-AMS
alt-svc
h3=":443"; ma=86400
content-length
117322
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 07:35:17 GMT
x-content-type-options
nosniff
age
78953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Sep 2024 07:35:17 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 23 Sep 2023 07:15:26 GMT
x-content-type-options
nosniff
age
598544
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Sep 2024 07:15:26 GMT
pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 04:11:00 GMT
x-content-type-options
nosniff
age
4810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8596
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:03:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 29 Sep 2024 04:11:00 GMT
eicons.woff2
irstaxrelief.co/wp-content/plugins/elementor/assets/lib/eicons/fonts/
91 KB
92 KB
Font
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1665006816
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea

Request headers

Referer
https://irstaxrelief.co/wp-content/cache/min/1/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=1665006816
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:11 GMT
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"633dfc1e-16cbc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckkT%2Fjbtx8Sas7PUk%2Fnv0ed1q6p4seJbWGoe5E%2FsEAlVabfFdprVRr3tsmKPoP4nHkSi310mQSplNnYwpLG78PubgqvgRGkokEa8sqH86IQVCv9TPC2qvaHEADLE8%2FqkQiXqfaxyBP4TGigAxPo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13fe3969b969-AMS
alt-svc
h3=":443"; ma=86400
content-length
93372
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://irstaxrelief.co
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 02:37:29 GMT
x-content-type-options
nosniff
age
269621
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8668
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:07:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 02:37:29 GMT
video.fab0f05f6306583e8ff8.bundle.min.js
irstaxrelief.co/wp-content/plugins/elementor/assets/js/
3 KB
2 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/js/video.fab0f05f6306583e8ff8.bundle.min.js
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
00ec34da58bf930b72fb2d61d03d0e88edbe97dbe9df9ec881b40555734bd414

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-db4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=runW0dgxn0iYaFRr6A28Z9FQIsNkRSk0yfCiWQb52nnLW2M2PuhfeqnFunD5quj4%2F5kUXwfCnzpdn%2BjOKdkrs7KYKc3W%2BlX0iN9m96xkTBqiziydEXW1aVFM%2FhrjXh%2FAdYCKqIv8yXpd448a2%2Fg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13fe89bdb969-AMS
alt-svc
h3=":443"; ma=86400
text-editor.2c35aafbe5bf0e127950.bundle.min.js
irstaxrelief.co/wp-content/plugins/elementor/assets/js/
1 KB
1 KB
Script
General
Full URL
https://irstaxrelief.co/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.7.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8022d018cf850c02b580b4d97b53a03518af6260efc76cb1d7a647b14c2f8813

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 05 Oct 2022 21:50:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"633dfc1e-54f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDKK8%2FiMhmH9P4lx2mCOFsiDzBejE4A0TMWqnGODU2p6FksJiP4%2FqRPUt3kjCHskaOpeTBu8ErumlfCcFqPLYSIef%2FRZoWqvorHM2rdHw%2F3orLIr36mTsuUIhgE%2BcM2%2FUD3tzL61Yi9V5uAgz1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000
cf-ray
80ea13fe99cab969-AMS
alt-svc
h3=":443"; ma=86400
www-widgetapi.js
www.youtube.com/s/player/f7e1823a/www-widgetapi.vflset/
210 KB
65 KB
Script
General
Full URL
https://www.youtube.com/s/player/f7e1823a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e187e4a8a9f228ce430019536e1bc7c83a4da9b3a049b5cb8203f1b08392d9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 04:42:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
2897
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
66243
x-xss-protection
0
last-modified
Wed, 27 Sep 2023 01:54:31 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sun, 29 Sep 2024 04:42:53 GMT
logo-lg.png
irstaxrelief.co/wp-content/uploads/2022/09/
13 KB
13 KB
Image
General
Full URL
https://irstaxrelief.co/wp-content/uploads/2022/09/logo-lg.png
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
697e78e3993d10dfbc31409458586dd43c7895bb2772466eba5cc94d10c53264

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
cf-cache-status
HIT
last-modified
Fri, 23 Sep 2022 21:59:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632e2c46-339e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yexoMhdLGifXgC37%2FdTcffTPpvwuHLZBcsIcYyC6Br9dEmL8ffKo91dsNNrqfygJxv238%2BT%2FwnQsS0FxQN4dN8r6cniYTdGhHzTK8OkyeHllM%2FYDUxbmhCI6bO%2BqVHUj2L90wQGUSdzJuNxwHh4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13ff3a9cb969-AMS
alt-svc
h3=":443"; ma=86400
content-length
13214
logo-bbb.png
irstaxrelief.co/wp-content/uploads/2022/09/
1 KB
2 KB
Image
General
Full URL
https://irstaxrelief.co/wp-content/uploads/2022/09/logo-bbb.png
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
478aa39121932c0ba8866d252208716b98ef8990bb956a45797d9ed743ebb963

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 16:58:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63177c31-4b5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRKzcDaSxNBqS9rBhkslvFTmj%2FFHGiint3sDpwZ%2F6hDvQWmg9ZJOLaajqaa75uf9XRrcmbAVSzuaMhGw3xQH8L4%2FnOeAmdHhiaRnrpJ8p2ij7zeaz1Ge5HQOUjoY%2FMzDIgzeHr2Sc3vZVfKlXZw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13ff3a9fb969-AMS
alt-svc
h3=":443"; ma=86400
content-length
1205
logo-trustpilot.png
irstaxrelief.co/wp-content/uploads/2022/09/
2 KB
2 KB
Image
General
Full URL
https://irstaxrelief.co/wp-content/uploads/2022/09/logo-trustpilot.png
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
06f86b6fe129ddcc21da575ecf860a8e59431cd3bce41afb6534e0b87371dba6

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:11 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 16:59:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63177c56-64d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LlyFpidl982HOybW%2BKdKhGF2FoMYCTlt9Vl5ad4ddXif%2BRpJ9kkDOrsHm0P9LiJqX9y2xnOSYdNgRn%2Bca%2F8S3f34%2BFfvYfEQ0IX%2BrAb4hphK6Cmei0OAwevJcGSrHr8ANsqvlVVJTjhKeRqwiOs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13ff3aa1b969-AMS
alt-svc
h3=":443"; ma=86400
content-length
1613
logo-ivouch.png
irstaxrelief.co/wp-content/uploads/2022/09/
1 KB
2 KB
Image
General
Full URL
https://irstaxrelief.co/wp-content/uploads/2022/09/logo-ivouch.png
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2a7eb08cd38d895c5fa0e97c12e98289342ad7a0e1b6df5ab6e2f34a326dfc9

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 16:59:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63177c60-5c9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ym9U3tv27ClY68HU2n6%2BMuhaMmjgjSOdFZZ85MAir4LGwABQAQIb%2Be2T3nUnpGFO0kO9bcenJmeSYBSFNwnQa%2BC3WqwGUuoieWThF1W3Qim8XpEmxUfPUMFXFFhaPYdw5wA8v9DQBBSTscIdt2M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13ff3aa3b969-AMS
alt-svc
h3=":443"; ma=86400
content-length
1481
logo-trustlink.png
irstaxrelief.co/wp-content/uploads/2022/09/
2 KB
2 KB
Image
General
Full URL
https://irstaxrelief.co/wp-content/uploads/2022/09/logo-trustlink.png
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3365e2d0c22a37d13f2fe9f86dbf3366fa342963b64b2fd93ac2706d77089baf

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
cf-cache-status
HIT
last-modified
Tue, 06 Sep 2022 16:59:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"63177c6a-6b0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIy7eApTY6uWuylTIyOI39GAnBkThZA88d%2FkP4m9QWoQlQDcnK3GPJnJmBPEnXNqYqnkUYM0jHeNb8uAs%2BbY21xyUvCDm9AhUAq7RoFxasPeQufZzwWgE2Snwc0lkl9cloQDdllXOMRpZySN6Eg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13ff3aa4b969-AMS
alt-svc
h3=":443"; ma=86400
content-length
1712
1.1.3-ITA-Main-3-Sq-high.gif
irstaxrelief.co/wp-content/uploads/2022/09/
1 MB
1 MB
Image
General
Full URL
https://irstaxrelief.co/wp-content/uploads/2022/09/1.1.3-ITA-Main-3-Sq-high.gif
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8472e3147e5a3fc79ff726d3cffee1beb68b39f3d75da08628c2edd0a3bee43f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
cf-cache-status
HIT
last-modified
Sat, 24 Sep 2022 22:47:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"632f8906-113a02"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lao1EnEAzD5cVnV%2B58z2qlgFUbQg4VpMVasMJQGRWzZQEracC8hVCf4jduOk9j20pMdaHHXH0Yz%2BdJSIfTzgUnK%2B1Px00Tejz431d3rmlk4N4D6Xg5pX5UG1JvP2rt14CRF0jdXkiotE7SV42VY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
80ea13ff3aa5b969-AMS
alt-svc
h3=":443"; ma=86400
content-length
1128962
fbevents.js
connect.facebook.net/en_US/
197 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 30 Sep 2023 05:31:10 GMT
document-policy
force-load-at-top
content-security-policy-report-only
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53277
x-xss-protection
0
pragma
public
x-fb-debug
9wZ8GCoI7ENSwEmtqbMl/ALOuzoOHSYn9GOmZB0yXNhJjphc0ugbgSlcKYNFWPIhwLAbyhQmjM4Ap1sQwqxCbw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.googletagmanager.com/gtag/
241 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RVRE5L9M8S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4X83RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
893cc6c453558edf50b85629253021640965243fce990c82692aa1cf00791887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85790
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 30 Sep 2023 05:31:10 GMT
d3fed649.frontend_vendor.css
static.leadshook.io/app/ Frame 3329
29 KB
6 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/d3fed649.frontend_vendor.css
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:09:15 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Tue, 26 Sep 2023 19:42:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
1410
x-amz-server-side-encryption
AES256
etag
"2691bec10dfcb03933e154272b77dc57"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
accept-ranges
bytes
content-length
5740
x-amz-cf-id
nxzUAvtXJs14QftmPjZWCFk2IyUV2-if2TwlLD0myeywAH6Co-yCpg==
5692d0b8.app.css
static.leadshook.io/app/ Frame 3329
279 KB
47 KB
Stylesheet
General
Full URL
https://static.leadshook.io/app/5692d0b8.app.css
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
11b86b79a3bcca03a5c1465b3910b6f25822d9eac7c39f826fb928174b617b07

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 01:10:20 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Fri, 29 Sep 2023 16:25:18 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
15651
etag
W/"5692d0b8716c7a570e750fea783589b5"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css; charset=utf-8
x-amz-cf-id
ancb_IjHEa9CUqYgpvceiCp64xmkqGZLtGB1vfc1rQp7OFbHtMMBuA==
pollyfill.js
polyfill.leadshook.io/ Frame 3329
101 B
527 B
Script
General
Full URL
https://polyfill.leadshook.io/pollyfill.js
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-3.fra2.r.cloudfront.net
Software
CloudFront /
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Content-Security-Policy default-src 'self'

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-security-policy
default-src 'self'
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=31536000
feature-policy
camera 'none'; microphone 'none'; speaker 'none'
content-length
101
x-amz-cf-id
6PiEdHQZ_EYsHcNRNyXvI_e4ptiL5Cr2RINdVDt7C37fIs9wjAp-Xg==
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 3329
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1249889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgqYjjOHIsfyw6g6kFuZUWvQ8UglzAyMtJ7Ja4rXvRQvsjNHigZlqtYnd4QV2eLdaw6w8Xy77svCY%2BHrvZb%2F1s%2Bgm4g0cyQRI4n56Yvp%2B%2BAEy%2BtXXfdTOi%2FA1DSuuOqrqJj1fyzosmd1iEQwUWQ2fMJ0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80ea13ffbc01286b-AMS
expires
Thu, 19 Sep 2024 05:31:10 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 3329
63 KB
23 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7008046
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
22890
last-modified
Sat, 25 Dec 2021 03:05:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61c68a7c-596a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UasGUhMIM9h1BcVKURwSx1Ftp7snnzQpP4EB%2BLWYVwARpi%2BLrgvDlrHqIZZPxEVau4%2BCVgfHXMv81gAJ7Wjv32tS4okezlkGwaZyMggyx6VsrEgX7Xl%2FdIVR0gotNcHhkPAsFQYBz2uL5k4wplp5XQJI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80ea13ffbc03286b-AMS
expires
Thu, 19 Sep 2024 05:31:10 GMT
a50169db.frontend_vendor.js
static.leadshook.io/app/ Frame 3329
2 MB
613 KB
Script
General
Full URL
https://static.leadshook.io/app/a50169db.frontend_vendor.js
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61c45e2bf4eecf61ebca61e7204b1163436e0dbed20c1bdd4eed68f834af26fd

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 23:14:13 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Tue, 26 Sep 2023 19:42:51 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
22618
x-amz-server-side-encryption
AES256
etag
"8e3590465879707b945623b296f8db90"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
accept-ranges
bytes
content-length
626781
x-amz-cf-id
EJuOSC4O3MQiF6zF9UlT8EZ-jla-uGS99l069bG8rRVMqsbherwbCw==
7767ddf1.frontend_app.js
static.leadshook.io/app/ Frame 3329
3 MB
330 KB
Script
General
Full URL
https://static.leadshook.io/app/7767ddf1.frontend_app.js
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a3b10921ecc27d8fe98e42ee9a784d469ecacd2a110d7d887e165ff37477c3c

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Fri, 29 Sep 2023 16:49:19 GMT
content-encoding
gzip
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Fri, 29 Sep 2023 16:25:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
45712
etag
W/"a74c799d45241766ea173f900a51dcf3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
x-amz-cf-id
e6_3C52XBqVfSchnhml9cufgjDULAqmt_T9qaHzXlE5VdhUUrO9P7w==
collect
region1.google-analytics.com/g/
0
253 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-RVRE5L9M8S&gtm=45je39r0&_p=1404125495&cid=588088158.1696051871&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1696051870&sct=1&seg=0&dl=https%3A%2F%2Firstaxrelief.co%2F&dt=Instant%20Tax%20Attorney%20%E2%80%93%20IRS%20Tax%20Debt%20Relief&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RVRE5L9M8S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 05:31:10 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://irstaxrelief.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
901028416583172
connect.facebook.net/signals/config/
116 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/901028416583172?v=2.9.131&r=stable&domain=irstaxrelief.co
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bf144bd9177751b760250e14c22cc04dc2af058684ec9273d19a6e05ebd8b16
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 30 Sep 2023 05:31:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
CKOe/9RvfdJ4xye3Gf9R1rlhcKftl3lbUTT6MApxxFo+YbIBpewZJ0eymGtWbPBUDVgQUAWt9svdHiJ4bBWa+Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 3329
242 KB
7 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d40a99bfc6c487df5f51e8fe051e699c9c4f312c066bc27dab4701804c3b009c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 30 Sep 2023 05:31:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 30 Sep 2023 05:31:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Sep 2023 05:31:10 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 3329
197 KB
52 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 30 Sep 2023 05:31:10 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53277
x-xss-protection
0
pragma
public
x-fb-debug
SjmKtmRhAEkKMIBNy4ZgqiUUX0Gl1qClNTKcD8C/4eB8UhKn1wUipqmnBSBaimrZ+nkQAJBN218v/FURpqCfuQ==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=901028416583172&ev=PageView&dl=https%3A%2F%2Firstaxrelief.co&rl=&if=false&ts=1696051871021&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=28&fbp=fb.1.1696051871019.1692190687&pm=1&hrl=3a6957&ler=empty&it=1696051870809&coo=false&cs_cc=1&cas=5901251553240471%2C3402122016549293&exp=a0&rqm=GET
Requested by
Host: irstaxrelief.co
URL: https://irstaxrelief.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 30 Sep 2023 05:31:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
nodetracker
hendricksen-innovations.leadshook.io/api/ Frame 3329
0
198 B
XHR
General
Full URL
https://hendricksen-innovations.leadshook.io/api/nodetracker
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

access-control-allow-origin
https://hendricksen-innovations.leadshook.io
date
Sat, 30 Sep 2023 05:31:11 GMT
access-control-allow-credentials
true
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
vary
X-HTTP-Method-Override, Origin
pixel.png
d2zdr2rqflfo3.cloudfront.net/ Frame 3329
95 B
413 B
Image
General
Full URL
https://d2zdr2rqflfo3.cloudfront.net/pixel.png?host=hendricksen-innovations.leadshook.io&subdomain=hendricksen-innovations&accountId=1208&quizId=48057&leadId=426789819&quizVersionId=14
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.118.220 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-118-220.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:12 GMT
via
1.1 0dec5f752f0f332c449471a83f050dd2.cloudfront.net (CloudFront)
last-modified
Sat, 28 Sep 2019 18:11:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
etag
"9591c410148e6883727c5339fd1c02cd"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
95
x-amz-cf-id
oBvfPgXhSlCwPRyXr0a-jUb2SNHPU-9TUK1hn8WtU4PMqt_wPQqtVQ==
icon-irs-1591388980996.png
static.leadshook.io/upload/hendricksen-innovations/ Frame 3329
13 KB
14 KB
Image
General
Full URL
https://static.leadshook.io/upload/hendricksen-innovations/icon-irs-1591388980996.png
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d790f65970a8db0ac0a81605e7bb05a2de000955c1b76d08730513b7ba15be4

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:12 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jun 2020 20:29:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"cda463a2cd11b3f80bda960a96eec4a1"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
13549
x-amz-cf-id
z1AngiihoNxW171dUQ6efU_bE7LeU6KdOE9H2nr4ZSLuW2D4rXEplA==
icon-state-1591389067945.png
static.leadshook.io/upload/hendricksen-innovations/ Frame 3329
9 KB
10 KB
Image
General
Full URL
https://static.leadshook.io/upload/hendricksen-innovations/icon-state-1591389067945.png
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87a2dc43761d108dff44970fe929996472c46855d09e997d812c9ef97ccc9ab8

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:12 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jun 2020 20:31:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"94d7536d3aa67b801f0daddd7f66f634"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
9456
x-amz-cf-id
wf0EGM5AYq8rgRVlLI2X9n2I3PVpTfwf6L-9No4RHxyfP2hrrixqgA==
icon-both-1591389087358.png
static.leadshook.io/upload/hendricksen-innovations/ Frame 3329
15 KB
15 KB
Image
General
Full URL
https://static.leadshook.io/upload/hendricksen-innovations/icon-both-1591389087358.png
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-64.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f5f8a896dbfb61dba4b3b98a41950f757ff0c2bdc3edc316cc41b77d643dd52

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:12 GMT
via
1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
last-modified
Fri, 05 Jun 2020 20:31:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
etag
"981a6b61a51f7aa3c5a8eb79c797de1c"
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
15187
x-amz-cf-id
yDz3hvLnPIqW59QThzBwOIuigjDHfA49iTF0BRR1FuzPevjJO_LNNA==
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3329
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hendricksen-innovations.leadshook.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Tue, 26 Sep 2023 01:26:25 GMT
x-content-type-options
nosniff
age
360286
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 25 Sep 2024 01:26:25 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3329
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Abel:wght@100;300;400;500;700;900&family=Abril+Fatface:wght@100;300;400;500;700;900&family=Barlow:wght@100;300;400;500;700;900&family=Bitter:wght@100;300;400;500;700;900&family=Comforta:wght@100;300;400;500;700;900&family=Droid+Serif:wght@100;300;400;500;700;900&family=Inconsolata:wght@100;300;400;500;700;900&family=Josefin+Sans:wght@100;300;400;500;700;900&family=Josefin+Slab:wght@100;300;400;500;700;900&family=Lato:wght@100;300;400;500;700;900&family=Libre+Franklin:wght@100;300;400;500;700;900&family=Lobset+Two:wght@100;300;400;500;700;900&family=Lobster:wght@100;300;400;500;700;900&family=Lora:wght@100;300;400;500;700;900&family=Merriweather:wght@100;300;400;500;700;900&family=Montserrat:wght@100;300;400;500;700;900&family=Muli:wght@100;300;400;500;700;900&family=Noto+Sans:wght@100;300;400;500;700;900&family=Nunito:wght@100;300;400;500;700;900&family=Nunito+Sans:wght@100;300;400;500;700;900&family=Open+Sans:wght@100;300;400;500;700;900&family=Oswald:wght@100;300;400;500;700;900&family=Oxygen:wght@100;300;400;500;700;900&family=PT+Sans:wght@100;300;400;500;700;900&family=PT+Serif:wght@100;300;400;500;700;900&family=Patua+Online:wght@100;300;400;500;700;900&family=Playfair+Display:wght@100;300;400;500;700;900&family=Poppins:wght@100;300;400;500;700;900&family=Quicksand:wght@100;300;400;500;700;900&family=Raleway:wght@100;300;400;500;700;900&family=Roboto:wght@100;300;400;500;700;900&family=Roboto+Condensed:wght@100;300;400;500;700;900&family=Roboto+Mono:wght@100;300;400;500;700;900&family=Roboto+Slab:wght@100;300;400;500;700;900&family=Rubik:wght@100;300;400;500;700;900&family=Sigmar+One:wght@100;300;400;500;700;900&family=Source+Sans+Pro:wght@100;300;400;500;700;900&family=Special+Elite:wght@100;300;400;500;700;900&family=Titillium+Web:wght@100;300;400;500;700;900&family=Ubuntu:wght@100;300;400;500;700;900&family=Work+Sans&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hendricksen-innovations.leadshook.io
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Wed, 27 Sep 2023 16:50:19 GMT
x-content-type-options
nosniff
age
218452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Sep 2024 16:50:19 GMT
geoip
hendricksen-innovations.leadshook.io/api/ Frame 3329
3 KB
1020 B
XHR
General
Full URL
https://hendricksen-innovations.leadshook.io/api/geoip?leadId=426789819
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
28036b316790685a375d8d85c0737d328887b249226777558d8e479d7c485ef2

Request headers

Accept
*/*
Referer
https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:11 GMT
content-encoding
gzip
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"d5e-vDxA+3rf1lzcvGh97vcjcFMeMJI"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-cache-status
MISS
leaddevice
hendricksen-innovations.leadshook.io/api/ Frame 3329
1 KB
666 B
XHR
General
Full URL
https://hendricksen-innovations.leadshook.io/api/leaddevice?leadId=426789819&ua=Mozilla%2F5.0+(Windows+NT+10.0%3B+Win64%3B+x64)+AppleWebKit%2F537.36+(KHTML%2C+like+Gecko)+Chrome%2F117.0.5938.132+Safari%2F537.36
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
a686c829ebf157a0ee565bcfdad2409c4669963861d0e1e701eefae85d38deef

Request headers

Accept
*/*
Referer
https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 05:31:11 GMT
content-encoding
gzip
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"567-1/cRCnT1EjhXHsInDpUnn0+PABc"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
x-cache-status
MISS
901028416583172
connect.facebook.net/signals/config/ Frame 3329
116 KB
31 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/901028416583172?v=2.9.131&r=stable&domain=irstaxrelief.co
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4bf144bd9177751b760250e14c22cc04dc2af058684ec9273d19a6e05ebd8b16
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 30 Sep 2023 05:31:11 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
31348
x-xss-protection
0
pragma
public
x-fb-debug
CKOe/9RvfdJ4xye3Gf9R1rlhcKftl3lbUTT6MApxxFo+YbIBpewZJ0eymGtWbPBUDVgQUAWt9svdHiJ4bBWa+Q==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ Frame 3329
0
31 B
Image
General
Full URL
https://www.facebook.com/tr/?id=901028416583172&ev=PageView&dl=https%3A%2F%2Fhendricksen-innovations.leadshook.io&rl=https%3A%2F%2Firstaxrelief.co&if=true&ts=1696051871278&sw=1600&sh=1200&v=2.9.131&r=stable&ec=0&o=28&pm=1&hrl=3a6957&ler=other&it=1696051871235&coo=false&cs_cc=1&cas=5901251553240471%2C3402122016549293&exp=a0&rqm=GET
Requested by
Host: hendricksen-innovations.leadshook.io
URL: https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://hendricksen-innovations.leadshook.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 30 Sep 2023 05:31:11 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
426789819
hendricksen-innovations.leadshook.io/api/leads/ Frame 3329
771 B
767 B
XHR
General
Full URL
https://hendricksen-innovations.leadshook.io/api/leads/426789819
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
bbb98944feea4690d1e43e9068651f414ac0fe5d4436d1d8b5c4a68579879996

Request headers

Accept
application/json, text/plain, */*
Referer
https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 30 Sep 2023 05:31:11 GMT
content-encoding
gzip
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"303-sRKeTw/o/3lzdlH8t/wzicYYD7s"
vary
Accept-Encoding, Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hendricksen-innovations.leadshook.io
access-control-allow-credentials
true
358950718
hendricksen-innovations.leadshook.io/api/impressions/ Frame 3329
3 B
273 B
XHR
General
Full URL
https://hendricksen-innovations.leadshook.io/api/impressions/358950718
Requested by
Host: static.leadshook.io
URL: https://static.leadshook.io/app/a50169db.frontend_vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.198.16.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-198-16-4.compute-1.amazonaws.com
Software
nginx/1.19.9 / Express
Resource Hash
080a9ed428559ef602668b4c00f114f1a11c3f6b02a435f0bdc154578e4d7f22

Request headers

Accept
application/json, text/plain, */*
Referer
https://hendricksen-innovations.leadshook.io/survey/ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl?embed=true&index=0
X-Requested-With
XMLHttpRequest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

date
Sat, 30 Sep 2023 05:31:11 GMT
server
nginx/1.19.9
x-username
undefined
x-powered-by
Express
etag
W/"3-9imuRLez3P7URNNj5ibt9BHsaag"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hendricksen-innovations.leadshook.io
access-control-allow-credentials
true
content-length
3
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W4X83RS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 30 Sep 2023 03:44:21 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
6411
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 30 Sep 2023 05:44:21 GMT
/
www.facebook.com/tr/
0
18 B
Image
General
Full URL
https://www.facebook.com/tr/?id=901028416583172&ev=ViewContent&dl=https%3A%2F%2Firstaxrelief.co&rl=&if=false&ts=1696051872838&cd[content_name]=Tax%20%7C%20IRSTaxRelief.co&cd[content_category]=LH_first_visit&cd[content_type]=LH%20First%20Visit&sw=1600&sh=1200&v=2.9.131&r=stable&ec=1&o=28&fbp=fb.1.1696051871019.1692190687&pm=1&hrl=2abacb&ler=empty&it=1696051870809&coo=false&eid=849970_426789819_first&cs_cc=1&cas=5560909953939008%2C5901251553240471%2C3402122016549293&exp=a0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 30 Sep 2023 05:31:12 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
collect
www.google-analytics.com/j/
3 B
207 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1404125495&t=event&ni=0&_s=1&dl=https%3A%2F%2Firstaxrelief.co%2F&ul=en-us&de=UTF-8&dt=Instant%20Tax%20Attorney%20%E2%80%93%20IRS%20Tax%20Debt%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LH_first_visit&ea=LH%20First%20Visit&el=Tax%20%7C%20IRSTaxRelief.co&_u=YADAAEABAAAAACAAI~&jid=603162009&gjid=250906445&cid=588088158.1696051871&tid=UA-12345678-9&_gid=90455405.1696051873&_r=1&_slc=1&gtm=45He39r0n81W4X83RS&z=1269772265
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://irstaxrelief.co/
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Sep 2023 05:31:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://irstaxrelief.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
132 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1404125495&t=event&ni=0&_s=1&dl=https%3A%2F%2Firstaxrelief.co%2F&ul=en-us&de=UTF-8&dt=Instant%20Tax%20Attorney%20%E2%80%93%20IRS%20Tax%20Debt%20Relief&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=LH_view_tax_q_1&ea=LH%20Page%20View%20Event&el=Tax%20%7C%20IRSTaxRelief.co&ev=0&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=588088158.1696051871&tid=UA-12345678-9&_gid=90455405.1696051873&gtm=45He39r0n81W4X83RS&z=1487598181
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Sep 2023 21:06:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
30288
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/
0
15 B
Image
General
Full URL
https://www.facebook.com/tr/?id=901028416583172&ev=ViewContent&dl=https%3A%2F%2Firstaxrelief.co&rl=&if=false&ts=1696051873072&cd[content_name]=Tax%20%7C%20IRSTaxRelief.co&cd[content_category]=LH_view_tax_q_1&cd[content_type]=LH%20Page%20View%20Event&sw=1600&sh=1200&v=2.9.131&r=stable&ec=2&o=28&fbp=fb.1.1696051871019.1692190687&pm=1&hrl=2abacb&ler=empty&it=1696051870809&coo=false&eid=849970_426789819_enter&cs_cc=1&cas=5560909953939008%2C5901251553240471%2C3402122016549293&exp=a0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://irstaxrelief.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 30 Sep 2023 05:31:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture undefined| $ function| jQuery object| dataLayer function| attrUnescape function| parseAttributes function| getViewport function| addEvent number| mobileBreakpoint function| resize object| CSSModal object| LH object| quizzes function| _createClass function| _classCallCheck function| RocketBrowserCompatibilityChecker object| RocketPreloadLinksConfig object| webpackChunkelementor_pro object| webpackChunkelementor object| elementorModules object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| ElementorProFrontendConfig object| elementorProFrontend function| Waypoint object| elementorFrontendConfig object| elementorFrontend function| Sticky object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady function| LazyLoad object| google_tag_manager object| google_tag_data function| fbq function| _fbq object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| gaGlobal object| tokens object| messages function| receiveMessage string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData

11 Cookies

Domain/Path Name / Value
.youtube.com/ Name: YSC
Value: 2tqL5c9gD7c
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: QmqAE8M8J84
hendricksen-innovations.leadshook.io/ Name: AWSALBTGCORS
Value: EY9Ldx1rJQYugH/WvXPqjIa+ihVRHfwykZAZjmaDr2RPH/ANscDSAtVkfQ6EakGsebhpI5ohsWR36NMXLa82BEWhjfTKRLLAWCGWD7Nlk4cTA3w8tnkAun/rcVpOpoKfiMjVNe+F1Kw4uVsgtXnrgOKbqKUWmC0Z89/jA2+PaJb87VlG7NlrYH8t3OtIXyqnDV1ddZyNhMrZ02sYlOf/6b89wPSgAMuWmhUiEZlf0jBM1BOrvbk1YcqJ7Tq1JnxPSHRf1Gw=
hendricksen-innovations.leadshook.io/ Name: AWSALBCORS
Value: HrMhjaASjsxICexZKUL82zTB7+OPPvno3P5HkQLFCakG/I2VDet+pHo0Bsctr8SAtoYwb64zc7aiI1q1oBG3nin5FbC3wQUdclxHHl6lw5r6Z2xuC0Gvg5Y56Ocl
hendricksen-innovations.leadshook.io/ Name: ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCCl.leadData
Value: j%3A%7B%22leadId%22%3A426789819%2C%22leadToken%22%3A%22ANdr9oin6NEjPM5f8iWCq7ulQYIVA5J3S9kqJCClnVCYfuO1WL1YuGcoUXhb%22%2C%22quizId%22%3A48057%7D
.irstaxrelief.co/ Name: _gcl_au
Value: 1.1.1296002795.1696051871
.irstaxrelief.co/ Name: _fbp
Value: fb.1.1696051871019.1692190687
.irstaxrelief.co/ Name: _ga
Value: GA1.2.588088158.1696051871
.irstaxrelief.co/ Name: _gid
Value: GA1.2.90455405.1696051873
.irstaxrelief.co/ Name: _gat_UA-12345678-9
Value: 1
.irstaxrelief.co/ Name: _ga_RVRE5L9M8S
Value: GS1.1.1696051870.1.0.1696051873.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
connect.facebook.net
d2zdr2rqflfo3.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
hendricksen-innovations.leadshook.io
irstaxrelief.co
polyfill.leadshook.io
region1.google-analytics.com
static.leadshook.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
13.224.189.3
13.32.118.220
13.32.99.64
2001:4860:4802:34::36
2606:4700::6811:180e
2a00:1450:4001:806::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
44.198.16.4
00cd51382f2cc1c51288469feb95888f7e4beb126e377452b26b80244f409f7f
00ec34da58bf930b72fb2d61d03d0e88edbe97dbe9df9ec881b40555734bd414
06f86b6fe129ddcc21da575ecf860a8e59431cd3bce41afb6534e0b87371dba6
076546002a8b8baa066718b45d88e23a67288d83e4118115579088e61cbbecda
07c9873c5d2ffb2aaab1a798fa024ce5c08a2ab5cc9ac7814283e7ff80890447
080a9ed428559ef602668b4c00f114f1a11c3f6b02a435f0bdc154578e4d7f22
0e4b2020366cf0e467191b309fe8f9a946228e2834bf2c053ae7cb8facb1d97f
11b86b79a3bcca03a5c1465b3910b6f25822d9eac7c39f826fb928174b617b07
11b988ad95739d6b5c7fd4b2a033e5f21ac28de03da98e600e5132e6ba78646f
18614606d320439a121e4f4b77c33b944d9cef43ed48cecb48e8b4428580a803
189526e3c25dc1cd28633db393e38d926f86432f000908ed3f55aaef43778cc0
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1d779e15618288d4d715c38039a70a0e2a7a139651a39803cc91f6df788c1f0a
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
26386cd10f3a3c472b22bc53b085371bc9364da0965448f67a63e17199bcd988
275a43b12f692b2930a431505a506f0ddff81d732b5cef0d30f4396abdb40637
28036b316790685a375d8d85c0737d328887b249226777558d8e479d7c485ef2
2ba3544888c16ea37a9da809bd4628a3d32dc783299376fadabb6ed485e988b8
2d790f65970a8db0ac0a81605e7bb05a2de000955c1b76d08730513b7ba15be4
3365e2d0c22a37d13f2fe9f86dbf3366fa342963b64b2fd93ac2706d77089baf
35ce49a8411f941ebfd58091a9206b2d87fb270da70dd2abdd9c9225101dcf09
3715b504c68323affe436a0169f96fcccfff8f0632a7bce1ca2a762ff714fd17
3e187e4a8a9f228ce430019536e1bc7c83a4da9b3a049b5cb8203f1b08392d9c
3e473b99d06c831a749697194cfcfaa225f324bdba152002b44d5d7ab1559bea
478aa39121932c0ba8866d252208716b98ef8990bb956a45797d9ed743ebb963
47fb6e967d823bdb76acdbd458fa46b9138be5aa3f125b26b477b7312cf62599
4a3b10921ecc27d8fe98e42ee9a784d469ecacd2a110d7d887e165ff37477c3c
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4bf144bd9177751b760250e14c22cc04dc2af058684ec9273d19a6e05ebd8b16
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4f42fa1fe21c3cdf7ccfa09bfb44d1325bd3713e1ddb82e661e2c28002eef957
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
58b9222fa1a1cd4ef0c0f1f537ad8bde859d0dffcab04a8b46c5a16bcfc24e5a
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5f5f8a896dbfb61dba4b3b98a41950f757ff0c2bdc3edc316cc41b77d643dd52
61c45e2bf4eecf61ebca61e7204b1163436e0dbed20c1bdd4eed68f834af26fd
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
697e78e3993d10dfbc31409458586dd43c7895bb2772466eba5cc94d10c53264
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7f161501494bc2f199eaf414c3104318a00e2072f272ebce45540eef58cfb08b
8022d018cf850c02b580b4d97b53a03518af6260efc76cb1d7a647b14c2f8813
805f109c4c821372e30f43d7d288fbadf88d62aaa3964fcc432f06ecb5909280
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8472e3147e5a3fc79ff726d3cffee1beb68b39f3d75da08628c2edd0a3bee43f
87a2dc43761d108dff44970fe929996472c46855d09e997d812c9ef97ccc9ab8
893cc6c453558edf50b85629253021640965243fce990c82692aa1cf00791887
8afc6e5e842baab16010c2ce6fcf48ec4ded8e1579a37c1f1bc027e120d04951
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9b5283387ec103868d83ebcb8ed6516cf4b29fa6c1490991ce3aff980aadfe02
a686c829ebf157a0ee565bcfdad2409c4669963861d0e1e701eefae85d38deef
a7bb50f6b2fe1669823aded1f118d5c9d47952c9465d658649f84f183e3ecc13
aab6b08c75834ec555a87c4a633c9b41f4a90b3fde2d3971f3d3c96ff278597d
ae425b1366b7e83a9601e88aa4533dff0cefba80718b5b66bd8204ed967c3312
aec33c581d5e02e4431f1afc6396a33f1637ad979a3412a2ecc237932af3c8a0
af8e0c2f9a98f639588c7b32f93643c644c7ae463c7e52a9efa56619cb0fb6d3
b00cbc0ab0a8a635ebeaf832cc1e0775145b3775e617ede3c1e45f19681ffcba
b370f6233409b571bdb0abef8bdee915f95fd28740fa9a1f28953d1037eeb232
b37cfbed115311e2234d160428f52aad1a8baae0edbd0f5abeaa3115495a19f1
b8e66c68cc11100b0d7021af4be447d0c7fc6eed5086b2519ca01e619e6ef5ec
b90300815db52a38326ef42db99656a68ee8b1bc180ab6abcd5eae9149b24144
bbb98944feea4690d1e43e9068651f414ac0fe5d4436d1d8b5c4a68579879996
bbdb1eb69c6b5cbffaf1be2df2bcbd4a97d2823de9f4b856aae722900a5e27c7
beeefddc7bc976a55d91c514398d309c3ce9de06381ca4a7b215d799d2fdd64d
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c64f7cc07a9e54553311d088dab88ef7cbde4788794d3468ea8e83f7702a9635
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cafbd551d674da240212f6c44988757a728b9dc8cbc2a6c8dcf53c0d9159c323
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cdb69fa70a5f1278ecaaab1ba6606fe5ba6e7af7404cd05cbc9f1a28622be5e6
cf318affe78386fd3458c28d3148eb84d7443f8ccf8ad74088f5f051c50b9ba4
cfa78307ddf4f855127dc53edcd4f16028052ab1a48212193b3c7d52cd88af15
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d40a99bfc6c487df5f51e8fe051e699c9c4f312c066bc27dab4701804c3b009c
d7a95ea75f41cf76aa5f8eaab3095d653610966a126b02e6d1395f85410f3384
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
dc7e118b7e07217031d017282955569cb66891f527050135caadb2dd5779824f
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e2a7eb08cd38d895c5fa0e97c12e98289342ad7a0e1b6df5ab6e2f34a326dfc9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c1823bc1d37e4707ef75e6370d009fc00d687021e6cb0e7ba8f4539478188a
eee1ce2620eaf7f585a69794864001be0bde74b874d6a18b9f2d11f074229f2b
f032f0b942ea9f4bd771ddb2262c518e948328a305a5268dacc74f3eee364514
f31759b3d2030d29b52af5d5241ccf43c18f7def17296276c5ae3321775cc86a
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615