www.offitkurman.com Open in urlscan Pro
192.196.158.175 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u102619.ct.sendgrid.net/ls/click?upn=uYpDifjNEaLWWtYC22gox703cCxLrDc7-2FAqpBa-2FprHoIh6ZxjQyL-2FkQUpJT2jo6m5DY41VG21eCvZ...
Effective URL:
https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Submission: On September 01 via manual (September 1st 2022, 6:22:23 pm UTC) from US — Scanned from DE

Summary HTTP 69 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 69 HTTP transactions. The main IP is 192.196.158.175, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is www.offitkurman.com. The Cisco Umbrella rank of the primary domain is 780455.
TLS certificate: Issued by cPanel, Inc. Certification Authority on July 5th 2022. Valid for: 3 months.

This is the only time www.offitkurman.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
33	192.196.158.175 192.196.158.175	63410 (PRIVATESY...) (PRIVATESYSTEMS)
5	151.139.128.11 151.139.128.11	20446 (STACKPATH...) (STACKPATH-CDN)
1	2a00:1450:400... 2a00:1450:400a:800::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	54.197.98.98 54.197.98.98	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	52.200.239.86 52.200.239.86	14618 (AMAZON-AES) (AMAZON-AES)
1	107.20.147.136 107.20.147.136	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2604:a880:800... 2604:a880:800:10::462:6001	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
69	20

1 167.89.118.28 (Las Vegas, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net

u102619.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 192.196.158.175 (United States)

ASN63410 (PRIVATESYSTEMS, US)

www.offitkurman.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)

cdn.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m9m6e2w5.stackpathcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400a:800::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.197.98.98 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-98-98.compute-1.amazonaws.com

www.shareaholic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.239.86 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-239-86.compute-1.amazonaws.com

analytics.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.20.147.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-147-136.compute-1.amazonaws.com

partner.shareaholic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2604:a880:800:10::462:6001 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

moderate2.cleantalk.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	offitkurman.com www.offitkurman.com — Cisco Umbrella Rank: 780455	472 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 66	252 KB
4	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 85 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 3463	20 KB
4	stackpathcdn.com m9m6e2w5.stackpathcdn.com — Cisco Umbrella Rank: 21525	111 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6487	900 B
3	gstatic.com fonts.gstatic.com www.gstatic.com	67 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	656 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	315 B
2	shareaholic.com analytics.shareaholic.com — Cisco Umbrella Rank: 20096 partner.shareaholic.com — Cisco Umbrella Rank: 25799	648 B
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 132	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 154	111 KB
2	shareaholic.net cdn.shareaholic.net — Cisco Umbrella Rank: 22308 www.shareaholic.net — Cisco Umbrella Rank: 19817	7 KB
1	cleantalk.org moderate2.cleantalk.org — Cisco Umbrella Rank: 53955	364 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	1 KB
1	sendgrid.net 1 redirects u102619.ct.sendgrid.net	311 B
69	16

	Domain	Requested by
33	www.offitkurman.com	www.offitkurman.com
5	www.googletagmanager.com	www.offitkurman.com www.googletagmanager.com
4	m9m6e2w5.stackpathcdn.com	cdn.shareaholic.net www.offitkurman.com
3	www.google.de	www.offitkurman.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.google.com	www.offitkurman.com
2	www.facebook.com	www.offitkurman.com
2	googleads.g.doubleclick.net	www.googleadservices.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	www.gstatic.com	www.googletagmanager.com www.gstatic.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	connect.facebook.net	www.offitkurman.com connect.facebook.net
1	moderate2.cleantalk.org
1	partner.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	analytics.shareaholic.com	m9m6e2w5.stackpathcdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	www.shareaholic.net	cdn.shareaholic.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	www.offitkurman.com
1	cdn.shareaholic.net	www.offitkurman.com
1	u102619.ct.sendgrid.net	1 redirects
69	21

This site contains links to these domains. Also see Links.

Domain
paylink.paytrace.com
www.facebook.com
twitter.com
www.linkedin.com
www.youtube.com
www.instagram.com
health1.aetna.com

Subject Issuer	Validity	Valid
offitkurman.com cPanel, Inc. Certification Authority	`2022-07-05` - `2022-10-03`	3 months	crt.sh
cdn.shareaholic.net R3	`2022-07-10` - `2022-10-08`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-06-11` - `2022-09-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-15` - `2022-11-07`	3 months	crt.sh
*.stackpathcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-05-04` - `2023-05-31`	a year	crt.sh
*.shareaholic.net R3	`2022-08-21` - `2022-11-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
shareaholic.com Amazon	`2022-06-01` - `2023-06-29`	a year	crt.sh
*.shareaholic.com R3	`2022-08-17` - `2022-11-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.cleantalk.org Sectigo RSA Domain Validation Secure Server CA	`2021-09-03` - `2022-09-24`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Frame ID: BECF433D0E397B7226CF31EAF3CB0852
Requests: 69 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2F8FD39D965D5197E6E0A85976D51C4D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Harvesting Tax Credits Is Legitimate Business for Tax Purposes | Offit Kurman

Page URL History Show full URLs

https://u102619.ct.sendgrid.net/ls/click?upn=uYpDifjNEaLWWtYC22gox703cCxLrDc7-2FAqpBa-2FprHoIh6ZxjQyL-2FkQUp... HTTP 302
https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

69
Requests

99 %
HTTPS

65 %
IPv6

16
Domains

21
Subdomains

20
IPs

5
Countries

1063 kB
Transfer

3209 kB
Size

18
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://paylink.paytrace.com/?m=eyJhbGciOiJBMjU2S1ciLCJlbmMiOiJBMTI4R0NNIn0.lDhJMj951pDLcfOgLpAM5OaeOUEcY94D.axlP9GvHGbOPtHda.ElzkbHVNV3geZoHQyorznJeQ9b5egLoOT-ES-wqXT4D8VtrcxJWhNpqMFIT3kxUVAFA1-7m1gwhEx-uD2Unh3ZxplEVwlh4tt7TYjPzgOLT14wvLzSfgOx2EfC2MCaVjVEtwgo2eh9vko09VtV9hQO3zt1sOavwmVEoIiu9SucfyrTtAEr3GkukVj4Hkj62I9-wPXmgAePTVchEglDFrPtPSz0vPrySP5RiUSLKE5qA5yho7htlkat8AwoxfaefRFRBRuMZFjfX1zxVLE_Gu8FCkJ2g6SY3PS1NcBA._STB0mAH5-vNDpPZT4Cikg&amount=&invoice=
Title: Bill Pay

Search URL Search Domain Scan URL

URL: https://www.facebook.com/offitkurman
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/OffitKurmanLaw
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/offit-kurman-p-a-
Title: Linkedin

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCxctkjbiN3aO1SO7oSy9kHg
Title: Youtube

Search URL Search Domain Scan URL

URL: https://www.instagram.com/offit_kurman/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://health1.aetna.com/app/public/#/one/insurerCode=AETNACVS_I&brandCode=ALICSI/machine-readable-transparency-in-coverage?searchTerm=95310020&lock=true
Title: Consolidated Appropriations Act

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u102619.ct.sendgrid.net/ls/click?upn=uYpDifjNEaLWWtYC22gox703cCxLrDc7-2FAqpBa-2FprHoIh6ZxjQyL-2FkQUpJT2jo6m5DY41VG21eCvZkT-2B-2BUIBRk9rLCReOPqMDIjWv4WJAffDMx5qpQKcMYtvEJsUHa97Zt48nvCRIypy0OP18BGhlb5ozTzIaZQ7822WMI0QMEA-3DqRPS_1CMGPqCVvwnsZ3CBVnR4v9S3ZsORs25AeL3b-2B8A1l9ZnhiE7mWw-2BuwKlaJojR8-2F0pdvlFOmo0l3S7WRK-2BsEecMmmXbafKi-2B4GBH3mFkMnSpNs5ekYw6e5ezaBdHc6Tj1dNsCFVYviBUOfCyVlChY0T7X7mqDLaK-2BPgUBLcd9-2BnETmEhsAAgevwbwg0dYxoy-2Bzn-2BOhrsW-2FV0twpKqvyyUuQDWrZcHBVk2taJ82jmkvWU-3D HTTP 302
https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 49

https://www.googleadservices.com/pagead/conversion/827410454/wcm?cc=ZZ&dn=7043777213&cl=tZXxCJqQ-7cBEJaQxYoD&ct_eid=2 HTTP 302
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=7043777213&cl=tZXxCJqQ-7cBEJaQxYoD

69 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Redirect Chain

https://u102619.ct.sendgrid.net/ls/click?upn=uYpDifjNEaLWWtYC22gox703cCxLrDc7-2FAqpBa-2FprHoIh6ZxjQyL-2FkQUpJT2jo6m5DY41VG21eCvZkT-2B-2BUIBRk9rLCReOPqMDIjWv4WJAffDMx5qpQKcMYtvEJsUHa97Zt48nvCRIypy0O...
https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

110 KB
28 KB

466ms
229ms

Document
text/html

192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 532cc8d15506530a33904ca6b2c4deb01febf8a2661253fb70fc5ed51d87b057

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: public, max-age=172800
content-encoding: br
content-length: 28050
content-type: text/html; charset=UTF-8
date: Thu, 01 Sep 2022 18:22:17 GMT
etag: "737729-1662046426;br"
expires: Sat, 03 Sep 2022 15:33:46 GMT
link: <https://www.offitkurman.com/wp-json/>; rel="https://api.w.org/" <https://www.offitkurman.com/wp-json/wp/v2/posts/153008>; rel="alternate"; type="application/json" <https://www.offitkurman.com/?p=153008>; rel=shortlink
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
x-litespeed-cache: hit
x-tec-api-origin: https://www.offitkurman.com
x-tec-api-root: https://www.offitkurman.com/wp-json/tribe/events/v1/
x-tec-api-version: v1

Redirect headers

Connection: keep-alive
Content-Length: 130
Content-Type: text/html; charset=utf-8
Date: Thu, 01 Sep 2022 18:22:16 GMT
Location: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H2 200 6f292253f343020bdecc0de4cfb59439.css
www.offitkurman.com/wp-content/litespeed/css/1/ 686 KB
92 KB 115ms
113ms Stylesheet
text/css 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/litespeed/css/1/6f292253f343020bdecc0de4cfb59439.css?ver=f140d
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c3f37d949ece06eaac5dce02af066a06cf391879f318158e7cf74a5080bd74ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Thu, 01 Sep 2022 13:03:43 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: text/css
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 94040
expires: Sat, 01 Oct 2022 18:22:17 GMT

GET
H2 200 fa-solid-900.woff2
www.offitkurman.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 76 KB
77 KB 115ms
113ms Font
font/woff2 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537

Request headers

Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Origin: https://www.offitkurman.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
last-modified: Mon, 29 Aug 2022 23:00:43 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 78268
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H2 200 shareaholic.js Show response
cdn.shareaholic.net/assets/pub/ 10 KB
5 KB 78ms
25ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:56 GMT
server: nginx
x-amz-request-id: QNH8WQ4W3E3AP2A4
etag: "879749224dc6aafa8a42879dc68cad9f"
x-hw: 1662056537.cds155.fr8.hn,1662056537.cds285.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=1200, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 4284
x-amz-id-2: xigMEVFFRFBzsFP0eAN/+f+5Ysg7B4Kdu5B+B6E6OIfm/1c5vQZk+I1rUDYrH8/DJaaiuCczf8s=

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 108ms
40ms Stylesheet
text/css 2a00:1450:400a:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C400%2C700&ver=6.0.2&display=swap

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:800::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9683278c37e1582b09e04109e16b915d20c9771e2d07bc4ba0b0b2b9d2e4c480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:22:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 01 Sep 2022 18:22:17 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 01 Sep 2022 18:22:17 GMT

GET
H2 200 jquery.min.js Show response
www.offitkurman.com/wp-includes/js/jquery/ 87 KB
30 KB 225ms
224ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Wed, 10 Mar 2021 15:07:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 30273
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.offitkurman.com/wp-includes/js/jquery/ 11 KB
4 KB 227ms
225ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 3995
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H2 200 apbct-public-bundle.min.js Show response
www.offitkurman.com/wp-content/plugins/cleantalk-spam-protect/js/ 23 KB
7 KB 227ms
226ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/cleantalk-spam-protect/js/apbct-public-bundle.min.js?ver=5.183
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 7549b9c24e8760a903e8aeeb713017b6b7b5290a8b51a638ed81b79e9736aa63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 22:20:51 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6632
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H2 200 imagesloaded.min.js Show response
www.offitkurman.com/wp-includes/js/ 5 KB
2 KB 227ms
226ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-includes/js/imagesloaded.min.js?ver=6.0.2
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Sat, 13 Jun 2020 18:53:27 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1733
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H2 200 jquery.cookie.min.js Show response
www.offitkurman.com/wp-content/plugins/bbpowerpack/assets/js/ 1 KB
751 B 227ms
227ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/bbpowerpack/assets/js/jquery.cookie.min.js?ver=1.4.1
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 1a9bd3c697279bf78c0ffadde4e5cb673182cf45fc24a6abd71e3575a04a5f0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 23:17:54 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 695
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 108 KB
42 KB 127ms
75ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15479718-1

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6af4e7afbd51d76eca35b0f71aae89c1031022bb89f3bf08b163328f29d3c8da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42919
x-xss-protection: 0
expires: Thu, 01 Sep 2022 18:22:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 114 KB
45 KB 86ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827410454

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b0f72aa7dcdef36c7a9749edd15db342f4f1fd129ad8dac6ad10407ca7140289

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45992
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Sep 2022 18:22:17 GMT

GET
H3 200 logo-offit-kurman.jpg
www.offitkurman.com/wp-content/uploads/ 19 KB
20 KB 377ms
374ms Image
image/jpeg 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offitkurman.com/wp-content/uploads/logo-offit-kurman.jpg
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: a3a2d582b037c8354ea9de93e00a85cd5144a040056fc43e5b9dff7baaa8e710

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
last-modified: Fri, 09 Aug 2019 16:38:30 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 19924
expires: Fri, 01 Sep 2023 18:22:17 GMT

GET
H3 200 tribe-common.min.js Show response
www.offitkurman.com/wp-content/plugins/the-events-calendar/common/src/resources/js/ 321 B
278 B 114ms
113ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/the-events-calendar/common/src/resources/js/tribe-common.min.js?ver=4.9.20
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: cf7a610c11489bfce177c3c71c5c7aec7101b1ba754d3d2aacc9636fc046c3b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 28 Oct 2019 12:19:43 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 124
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 tooltip.min.js Show response
www.offitkurman.com/wp-content/plugins/the-events-calendar/common/src/resources/js/ 523 B
271 B 113ms
113ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/the-events-calendar/common/src/resources/js/tooltip.min.js?ver=4.9.20
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 64c85e8b3d558b7ced2ce4d184dafd88b8dda0cfb0f388a06a7ff3e8f34841d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 28 Oct 2019 12:19:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 227
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 frontend.js Show response
www.offitkurman.com/wp-content/plugins/dk-pdf/assets/js/ 42 B
102 B 113ms
112ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/dk-pdf/assets/js/frontend.js?ver=1.9.6
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e16355e8227ed0b9a11065116c43b6ee9b9ec0fa9431086d77fb122510f0531b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
last-modified: Mon, 27 Jan 2020 18:02:45 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 42
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 jquery.ba-throttle-debounce.min.js Show response
www.offitkurman.com/wp-content/plugins/bb-plugin/js/ 731 B
453 B 117ms
113ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/bb-plugin/js/jquery.ba-throttle-debounce.min.js?ver=2.5.5.4
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 23:00:43 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 408
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 f4305d019c2a50de5bb855181b8565e8-layout-bundle.js Show response
www.offitkurman.com/wp-content/uploads/bb-plugin/cache/ 79 KB
16 KB 118ms
113ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/uploads/bb-plugin/cache/f4305d019c2a50de5bb855181b8565e8-layout-bundle.js?ver=2.5.5.4-1.4.3.1
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 336a595de90fa30c663b853017b7ffca147c17a7a1ecc0dd5704478b14d46b15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 23:17:57 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16406
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 gtm4wp-form-move-tracker.js Show response
www.offitkurman.com/wp-content/plugins/duracelltomi-google-tag-manager/js/ 1 KB
332 B 130ms
126ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/duracelltomi-google-tag-manager/js/gtm4wp-form-move-tracker.js?ver=1.16.1
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 22:19:08 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 287
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 theme.js Show response
www.offitkurman.com/wp-content/themes/zestsms-child-theme/js/ 3 KB
994 B 131ms
126ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/themes/zestsms-child-theme/js/theme.js?ver=1.4
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: c702d7f7a7b6ee338c055051dbb6a139212b4e25672e9c60e18fc67c374d6a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Tue, 14 Aug 2018 15:12:21 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 949
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 instant_click.min.js Show response
www.offitkurman.com/wp-content/plugins/litespeed-cache/assets/js/ 4 KB
1 KB 131ms
127ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/litespeed-cache/assets/js/instant_click.min.js?ver=5.2
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 22:18:33 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1167
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 app.min.js Show response
www.offitkurman.com/wp-content/plugins/pojo-accessibility/assets/js/ 5 KB
2 KB 134ms
130ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/pojo-accessibility/assets/js/app.min.js?ver=1.0.0
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Wed, 22 Jan 2020 16:09:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 1519
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 core.min.js Show response
www.offitkurman.com/wp-includes/js/jquery/ui/ 20 KB
7 KB 136ms
132ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.1
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 23:09:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6637
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 pum-site-scripts-1.js Show response
www.offitkurman.com/wp-content/uploads/pum/ 68 KB
16 KB 140ms
136ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/uploads/pum/pum-site-scripts-1.js?defer&generated=1661370151&ver=1.16.7
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8ec98c4c012c000a3a644825e970a339ab444dd59f9fdc0b247faa8cd76336ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Wed, 24 Aug 2022 19:42:31 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 16622
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 mobile-detect.min.js Show response
www.offitkurman.com/wp-content/plugins/popup-maker/assets/js/vendor/ 38 KB
15 KB 324ms
320ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/popup-maker/assets/js/vendor/mobile-detect.min.js?ver=1.3.3
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 14:29:20 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 15764
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 jquery.magnificpopup.min.js Show response
www.offitkurman.com/wp-content/plugins/bb-plugin/js/ 19 KB
7 KB 336ms
333ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/bb-plugin/js/jquery.magnificpopup.min.js?ver=2.5.5.4
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 23:00:43 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 6878
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 jquery.fitvids.min.js Show response
www.offitkurman.com/wp-content/plugins/bb-plugin/js/ 2 KB
683 B 348ms
344ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/bb-plugin/js/jquery.fitvids.min.js?ver=1.2
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 23:00:43 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 661
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 bootstrap.min.js Show response
www.offitkurman.com/wp-content/themes/bb-theme/js/ 39 KB
10 KB 348ms
345ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/themes/bb-theme/js/bootstrap.min.js?ver=1.7.11
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: d3b2f660b434b8f2c4c187adfe0f0b6ab4ebffdd99da232e6900112311d66798

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 19:07:15 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 10519
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 theme.min.js Show response
www.offitkurman.com/wp-content/themes/bb-theme/js/ 22 KB
5 KB 362ms
359ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/themes/bb-theme/js/theme.min.js?ver=1.7.11
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Wed, 04 May 2022 19:07:15 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 5210
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 15249-layout-partial.js Show response
www.offitkurman.com/wp-content/uploads/bb-plugin/cache/ 10 KB
3 KB 367ms
363ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/uploads/bb-plugin/cache/15249-layout-partial.js?ver=5accd01bf01486ff5eee58132b50dc94
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 3784d95d7aa937025bf6d9d3ef12ee8cebd6487058492b27c8e66e94e984a3ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Thu, 01 Sep 2022 13:08:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 2760
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 front.min.js Show response
www.offitkurman.com/wp-content/plugins/facetwp/assets/js/dist/ 33 KB
9 KB 369ms
366ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/facetwp/assets/js/dist/front.min.js?ver=4.0.7
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: e508ae4990d6b7df847c361c6284ca99394bf626e4cef027f460e552dbb2da75

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 22:19:58 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 8778
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 wp-emoji-release.min.js Show response
www.offitkurman.com/wp-includes/js/ 18 KB
5 KB 384ms
381ms Script
application/javascript 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.2
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
last-modified: Mon, 29 Aug 2022 23:09:41 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent,User-Agent
content-type: application/javascript
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 4619
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 135 KB
52 KB 105ms
53ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5R3X6BX

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9b08341cbfb346a03e903b6d0c7822372e545cd147c9715ab9c8b411709b9e0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53537
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 01 Sep 2022 18:22:17 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 99ms
32ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26683
x-xss-protection: 0
pragma: public
x-fb-debug: 1i2LNJgTCAS7xBUeo3tu59dqcz9BAaS9allSny5SQ7K6OIZgaMtTwmjkXzTj+KdemQsa8wdV2Zh4S3DTOA1iBg==
x-fb-trip-id: 720026100
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 18:22:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 44 KB
44 KB 70ms
19ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A300%2C400%2C700%2C400%2C700&ver=6.0.2&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.offitkurman.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 18:50:34 GMT
x-content-type-options: nosniff
age: 257503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Aug 2023 18:50:34 GMT

GET
H2 200 main.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 148 KB
41 KB 71ms
23ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: NFB49KNGRGY1YFX2
etag: "88fa1ed2ddaaae4bf29d6c2a0672314d"
x-hw: 1662056537.cds259.fr8.hn,1662056537.cds155.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 41836
x-amz-id-2: HePZJCSNFUOhrCXRPUbrxu5S1nhbgH3/YLE4IrdrYwEBjmZFAYqLDzXrMDSe198oV2+ZRwpicaU=

GET
H2 200 b0c992434f5fbd0609ab90eb54bd8e72.json Show response
www.shareaholic.net/config/ 4 KB
2 KB 326ms
105ms XHR
application/json 54.197.98.98
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.shareaholic.net/config/b0c992434f5fbd0609ab90eb54bd8e72.json
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.197.98.98 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-197-98-98.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bce650efc29ea7c9e3fa3ee6f474edc230739a9c0adf8ccbb276dc1e975eaab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

x-client-geo-country: DE,Deutschland
date: Wed, 31 Aug 2022 20:31:31 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
content-length: 1307
server: nginx
x-client-geo-region: BY,Bayern
x-client-geo-metrocode
etag: W/"bce650efc29ea7c9e3fa3ee6f474edc2"
access-control-max-age: 2000
x-client-geo-city: Bischberg
x-varnish: 709338926 690372960
via: 1.1 varnish (Varnish/6.0)
access-control-expose-headers: Etag, Access-Control-Allow-Origin, x-client-geo-latlong, x-client-geo-country, x-client-geo-city, x-client-geo-zip, x-client-geo-region, x-client-geo-metrocode
cache-control: max-age=3, public, must-revalidate
x-client-geo-zip: 96120
accept-ranges: bytes
content-type: application/json
access-control-allow-headers: *
x-client-geo-latlong: 49.912900,10.833400

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 profile-banner.jpg
www.offitkurman.com/wp-content/uploads/ 25 KB
25 KB 373ms
373ms Image
image/jpeg 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offitkurman.com/wp-content/uploads/profile-banner.jpg
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/wp-content/litespeed/css/1/6f292253f343020bdecc0de4cfb59439.css?ver=f140d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 5b4d47ae3f511fa214e9b987902de835f791764e046e176a6911f4203ade081b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/wp-content/litespeed/css/1/6f292253f343020bdecc0de4cfb59439.css?ver=f140d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
last-modified: Sat, 30 Apr 2016 20:43:34 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 25156
expires: Fri, 01 Sep 2023 18:22:17 GMT

GET
H3 200 fa-brands-400.woff2
www.offitkurman.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/ 75 KB
75 KB 135ms
134ms Font
font/woff2 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.offitkurman.com/wp-content/plugins/bb-plugin/fonts/fontawesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/wp-content/litespeed/css/1/6f292253f343020bdecc0de4cfb59439.css?ver=f140d
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: 8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Request headers

Referer: https://www.offitkurman.com/wp-content/litespeed/css/1/6f292253f343020bdecc0de4cfb59439.css?ver=f140d
Origin: https://www.offitkurman.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:17 GMT
last-modified: Mon, 29 Aug 2022 23:00:43 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: font/woff2
cache-control: public, max-age=31557600
accept-ranges: bytes
content-length: 76736
expires: Sat, 02 Sep 2023 00:22:17 GMT

GET
H3 200 200456393740079 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 203ms
169ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/200456393740079?v=2.9.78&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5bb618d3fad0db7923ef48089d2f39751b8c8d04b1a5742f2d5dc38a1fda32d9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: qAle7SZQ1esSqD7s2FuRnGWworRUwWKqFTy8TkoA+BhHQDZyzLSMa4miSbJ5dUASQF0yqpOawnPT5mpRq94l2w==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 01 Sep 2022 18:22:18 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 105 KB
41 KB 76ms
34ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-15479718-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-827410454

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4ca75e9473aaefe14955e417db60cb60cc65c8c2c1af3613a87106c6a913d718

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41996
x-xss-protection: 0
expires: Thu, 01 Sep 2022 18:22:18 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 41 KB
16 KB 175ms
111ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-827410454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

cafe /

Resource Hash

f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15690
x-xss-protection: 0
server: cafe
etag: 13194339052015637803
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 01 Sep 2022 18:22:18 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 199 KB
71 KB 77ms
39ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-SNDB3MXMRY&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-827410454

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b90d9049eee197ce3ee671293cd5e0903f6187607b6e0e07b0f20823b5621aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 73108
x-xss-protection: 0
expires: Thu, 01 Sep 2022 18:22:18 GMT

GET
H2 200 loader.js Show response
www.gstatic.com/wcm/ 3 KB
2 KB 67ms
21ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/wcm/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-827410454

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 17:38:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 01 Sep 2022 18:38:34 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 66ms
20ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5R3X6BX

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4818
date: Thu, 01 Sep 2022 17:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 01 Sep 2022 19:02:00 GMT

GET
H3 200 call-tracking_7.js Show response
www.gstatic.com/call-tracking/ 54 KB
21 KB 63ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/call-tracking/call-tracking_7.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/wcm/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Mon, 29 Aug 2022 06:35:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-telephony
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21020
x-xss-protection: 0
last-modified: Wed, 03 Feb 2021 22:45:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-telephony"
vary: Accept-Encoding
report-to: {"group":"ads-telephony","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-telephony"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Aug 2023 06:35:27 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 71ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=468002142&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&ul=en-us&de=UTF-8&dt=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=842018902&gjid=834272048&cid=852294597.1662056538&tid=UA-15479718-1&_gid=102198416.1662056538&_r=1&gtm=2wg8t05R3X6BX&z=51865137

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offitkurman.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offitkurman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 66ms
28ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=468002142&t=pageview&_s=1&dl=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&ul=en-us&de=UTF-8&dt=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACUABBAAAAC~&jid=369025850&gjid=835686910&cid=852294597.1662056538&tid=UA-15479718-1&_gid=102198416.1662056538&_r=1&gtm=2ou8t0&did=dZTNiMT&gdid=dZTNiMT&z=280107395

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offitkurman.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offitkurman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
350 B 78ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-SNDB3MXMRY&gtm=2oe8t0&_p=468002142&gdid=dZTNiMT&cid=852294597.1662056538&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1662056538&sct=1&seg=0&dl=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&dt=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-SNDB3MXMRY&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.offitkurman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wcm Show response
www.google.de/pagead/attribution/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/827410454/wcm?cc=ZZ&dn=7043777213&cl=tZXxCJqQ-7cBEJaQxYoD&ct_eid=2
https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=7043777213&cl=tZXxCJqQ-7cBEJaQxYoD

80 B
565 B

172ms
27ms

XHR
application/json

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=7043777213&cl=tZXxCJqQ-7cBEJaQxYoD

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87
x-xss-protection: 0

Redirect headers

timing-allow-origin: *
date: Thu, 01 Sep 2022 18:22:18 GMT
x-content-type-options: nosniff
server: cafe
location: https://www.google.de/pagead/attribution/wcm?cc=ZZ&dn=7043777213&cl=tZXxCJqQ-7cBEJaQxYoD
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://www.offitkurman.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
442 B 82ms
27ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15479718-1&cid=852294597.1662056538&jid=842018902&gjid=834272048&_gid=102198416.1662056538&_u=YEBAAEAAAAAAAC~&z=1383795619

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offitkurman.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Sep 2022 18:22:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.offitkurman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 82ms
28ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-15479718-1&cid=852294597.1662056538&jid=369025850&gjid=835686910&_gid=102198416.1662056538&_u=YGDACUABBAAAAC~&z=1633795978

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.offitkurman.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 01 Sep 2022 18:22:18 GMT
content-type: text/plain
access-control-allow-origin: https://www.offitkurman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827410454/ 3 KB
2 KB 82ms
34ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827410454/?random=1662056538286&cv=9&fst=1662056538286&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&tiba=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&auid=980731717.1662056538&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e77b75e2deaa6e5e6f993ecc2f54c576d95163e74c1214e0489d83efc35b5315

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1122
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-827410454/ 2 KB
1 KB 81ms
35ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-827410454/?random=1662056538289&cv=9&fst=1662056538289&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8t0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&tiba=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&auid=980731717.1662056538&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad5dc21cab09f401bbba7354fee862e22b783f3cfe6b8e463e238d4f77b4d8b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 e
analytics.shareaholic.com/ 43 B
383 B 420ms
107ms Ping
image/gif 52.200.239.86
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.shareaholic.com/e

Requested by

Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.200.239.86 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-200-239-86.compute-1.amazonaws.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Content-Security-Policy	referrer always

Request headers

Referer: https://www.offitkurman.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
vary: Origin
p3p: CP="OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC"
access-control-allow-origin: https://www.offitkurman.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
referer-policy: unsafe-url
content-security-policy: referrer always
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3 200 apbct_get_pixel_url Show response
www.offitkurman.com/wp-json/cleantalk-antispam/v1/ 80 B
495 B 626ms
626ms XHR
application/json 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.offitkurman.com/wp-json/cleantalk-antispam/v1/apbct_get_pixel_url

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Protocol

Security

QUIC, , AES_128_GCM

Server

192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

cd1c0dbd33a68d428c61edf784f0edf271af608e8666f66fba7ea0c0ccdc9562

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-WP-Nonce: 9fed5f1ffe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: br
x-content-type-options: nosniff
x-litespeed-cache-control: no-cache
x-litespeed-tag: 69e1_HTTP.200
vary: Origin,Accept-Encoding,User-Agent,User-Agent
content-length: 72
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
expires: Sat, 03 Sep 2022 18:22:18 GMT
server: LiteSpeed
allow: POST
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.offitkurman.com
x-wp-nonce: 9fed5f1ffe
cache-control: public, max-age=172800
access-control-allow-credentials: true
x-robots-tag: noindex
link: <https://www.offitkurman.com/wp-json/>; rel="https://api.w.org/"
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 buttons.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 179 KB
37 KB 22ms
22ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/buttons.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:54 GMT
server: nginx
x-amz-request-id: NFB2TQ0PKF4N07B3
etag: "49e3d95d37cfa985c04180587e25647b"
x-hw: 1662056538.cds259.fr8.hn,1662056538.cds274.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 37579
x-amz-id-2: 41CyigLuzTQn7/nYl7JAl5ek+10YUQYUdhQyr1/KsChb1iMZ7aT+ymqqNZoLyeYpUnnPy8eYpr0=

GET
H2 200 recommendations.js Show response
m9m6e2w5.stackpathcdn.com/v2/f41e75ff/ 92 KB
13 KB 28ms
27ms Script
application/javascript 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/recommendations.js
Requested by: Host: cdn.shareaholic.net
URL: https://cdn.shareaholic.net/assets/pub/shareaholic.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 20:54:53 GMT
server: nginx
x-amz-request-id: NFB5P478EE68WWD6
etag: "bd2f6bef184f7e22b7efe36558d084d4"
x-hw: 1662056538.cds259.fr8.hn,1662056538.cds223.fr8.c
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 12624
x-amz-id-2: JCacSqMWtEoyGMrlmSMHg4gyvqgMP2tl7M1aQ5X/zaY+t7TBSm78VLRlW8JM+3tlE/H78MzyZNc=

GET
H2 200 partners.js Show response
partner.shareaholic.com/ 0
265 B 388ms
137ms Script
application/javascript 107.20.147.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://partner.shareaholic.com/partners.js?location=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&cl=en-US&id_sync=0b7539a0-d0b6-44fb-9349-a4cbd4479df0&minify=1&pvs=1&site=b0c992434f5fbd0609ab90eb54bd8e72
Requested by: Host: m9m6e2w5.stackpathcdn.com
URL: https://m9m6e2w5.stackpathcdn.com/v2/f41e75ff/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.20.147.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-107-20-147-136.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
vary: Accept-Encoding, User-Agent
p3p: CP='OTI DSP COR DEVo ADMa OUR CONo IND COM INT ONL PUR STA OTC'
cache-control: no-cache, no-store, must-revalidate
content-type: application/javascript;charset=utf-8
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 95ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=200456393740079&ev=PageView&dl=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&rl=&if=false&ts=1662056538378&sw=1600&sh=1200&v=2.9.78&r=stable&ec=0&o=30&fbp=fb.1.1662056538377.1110686353&it=1662056538053&coo=false&rqm=GET

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Thu, 01 Sep 2022 18:22:18 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/827410454/ 42 B
108 B 107ms
37ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827410454/?random=1662056538286&cv=9&fst=1662055200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&tiba=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&async=1&fmt=3&is_vtc=1&random=2514155779&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/827410454/ 42 B
108 B 102ms
33ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827410454/?random=1662056538286&cv=9&fst=1662055200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa8t0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&tiba=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&async=1&fmt=3&is_vtc=1&random=2514155779&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/AW-827410454/ 42 B
548 B 101ms
32ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/AW-827410454/?random=1662056538289&cv=9&fst=1662055200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&tiba=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&async=1&fmt=3&is_vtc=1&random=2113171418&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/AW-827410454/ 42 B
227 B 101ms
32ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/AW-827410454/?random=1662056538289&cv=9&fst=1662055200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg8t0&sendb=1&frm=0&url=https%3A%2F%2Fwww.offitkurman.com%2Fblog%2F2022%2F08%2F19%2Fharvesting-tax-credits-is-legitimate-business-for-tax-purposes%2F&tiba=Harvesting%20Tax%20Credits%20Is%20Legitimate%20Business%20for%20Tax%20Purposes%20%7C%20Offit%20Kurman&async=1&fmt=3&is_vtc=1&random=2113171418&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 01 Sep 2022 18:22:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 shareaholic-icons.woff
m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/ 20 KB
20 KB 73ms
26ms Font
font/woff 151.139.128.11
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://m9m6e2w5.stackpathcdn.com/v2/fonts_0ecbeeff/shareaholic-icons.woff
Requested by: Host: www.offitkurman.com
URL: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c

Request headers

Referer: https://www.offitkurman.com/
Origin: https://www.offitkurman.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
content-encoding: gzip
last-modified: Mon, 07 Feb 2022 17:41:10 GMT
server: nginx
x-amz-request-id: 7GX3B7Z1AT9BNC76
etag: "0e26e8e2b7a79ff2a9e9fe9ef5382e6d"
x-hw: 1662056538.cds223.fr8.hn,1662056538.cds254.fr8.c
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-hello-human: Join the fun! Apply at www.shareaholic.com/jobs
accept-ranges: bytes
content-length: 20572
x-amz-id-2: 39X4WTFZt5Z5SwYqtP0IZiCadze/5GJir6DJovbHATYiyovA+QOsA58fN87ifk9XaCccX749pyc=

GET
H3 200 shutterstock_357403964-300x200.jpg
www.offitkurman.com/wp-content/uploads/ 14 KB
14 KB 115ms
114ms Image
image/jpeg 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.offitkurman.com/wp-content/uploads/shutterstock_357403964-300x200.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS
Software: LiteSpeed /
Resource Hash: bc29880076a5b9d970782a5ef538a492b87ad6c72439bc445a1e379eb6c7e92f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:18 GMT
last-modified: Tue, 16 Aug 2022 12:57:21 GMT
server: LiteSpeed
vary: User-Agent,User-Agent
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 14673
expires: Fri, 01 Sep 2023 18:22:18 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 2F8F 0
18 B 44ms
19ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.offitkurman.com
Referer: https://www.offitkurman.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.offitkurman.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Thu, 01 Sep 2022 18:22:18 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK c5865ca33969cf873ab87b6d62d109cb.gif
moderate2.cleantalk.org/pixel/ 43 B
364 B 394ms
96ms Image
image/gif 2604:a880:800:10::462:6001
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://moderate2.cleantalk.org/pixel/c5865ca33969cf873ab87b6d62d109cb.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2604:a880:800:10::462:6001 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

Date: Thu, 01 Sep 2022 18:22:19 GMT
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3 204 /
www.offitkurman.com/wp-json/pum/v1/analytics/ 0
237 B 370ms
370ms Image
image/gif 192.196.158.175
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.offitkurman.com/wp-json/pum/v1/analytics/?event=open&pid=141229&_cache=1662056540748

Protocol

Security

QUIC, , AES_128_GCM

Server

192.196.158.175 , United States, ASN63410 (PRIVATESYSTEMS, US),

Reverse DNS

Software

LiteSpeed /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.offitkurman.com/blog/2022/08/19/harvesting-tax-credits-is-legitimate-business-for-tax-purposes/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.52 Safari/537.36

Response headers

date: Thu, 01 Sep 2022 18:22:21 GMT
x-content-type-options: nosniff
server: LiteSpeed
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
vary: User-Agent,User-Agent
content-type: image/gif
x-litespeed-cache-control: public,max-age=604800
cache-control: public, max-age=31536000
x-litespeed-tag: 69e1_default,69e1_URL.226665f68fa72942e34cf3ce80002444,69e1_REST,69e1_
x-robots-tag: noindex
link: <https://www.offitkurman.com/wp-json/>; rel="https://api.w.org/"
content-length: 0
expires: Fri, 01 Sep 2023 18:22:21 GMT

Verdicts & Comments Add Verdict or Comment

144 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.offitkurman.com/	1970-01-20 07:50:32	Name: _gcl_au Value: 1.1.980731717.1662056538
.offitkurman.com/	1970-01-20 05:42:22	Name: _gid Value: GA1.2.102198416.1662056538
.offitkurman.com/	1970-01-20 05:40:56	Name: _gat_UA-15479718-1 Value: 1
.offitkurman.com/	1970-01-20 05:40:56	Name: _gat_gtag_UA_15479718_1 Value: 1
.offitkurman.com/	1970-01-20 15:16:56	Name: _ga_SNDB3MXMRY Value: GS1.1.1662056538.1.0.1662056538.0.0.0
www.offitkurman.com/	1969-12-31 23:59:59	Name: ct_ps_timestamp Value: 1662056538
www.offitkurman.com/	1969-12-31 23:59:59	Name: ct_fkp_timestamp Value: 0
www.offitkurman.com/	1969-12-31 23:59:59	Name: ct_timezone Value: 0
www.offitkurman.com/	1969-12-31 23:59:59	Name: ct_screen_info Value: %7B%22fullWidth%22%3A1600%2C%22fullHeight%22%3A3377%2C%22visibleWidth%22%3A1600%2C%22visibleHeight%22%3A1200%7D
www.offitkurman.com/	1969-12-31 23:59:59	Name: apbct_headless Value: false
www.offitkurman.com/	1969-12-31 23:59:59	Name: ct_checked_emails Value: 0
www.offitkurman.com/	1969-12-31 23:59:59	Name: ct_checkjs Value: e4cf1a759b8261ede779fc23ba585d6feceb337ea92acc4f4cfdaa7cea5ecc01
.offitkurman.com/	1970-01-20 15:16:56	Name: _ga Value: GA1.2.852294597.1662056538
.doubleclick.net/	1970-01-20 05:40:57	Name: test_cookie Value: CheckForPermission
.offitkurman.com/	1970-01-20 07:50:32	Name: _fbp Value: fb.1.1662056538377.1110686353
www.offitkurman.com/	1969-12-31 23:59:59	Name: apbct_pixel_url Value: https%3A%2F%2Fmoderate2.cleantalk.org%2Fpixel%2Fc5865ca33969cf873ab87b6d62d109cb.gif
www.offitkurman.com/	1969-12-31 23:59:59	Name: ct_pointer_data Value: %5B%5D
www.offitkurman.com/	1970-01-20 06:24:08	Name: ct_sfw_pass_key Value: df9395c401ccb4536cd71fc6ea7b8ea80

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.shareaholic.com
cdn.shareaholic.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m9m6e2w5.stackpathcdn.com
moderate2.cleantalk.org
partner.shareaholic.com
region1.google-analytics.com
stats.g.doubleclick.net
u102619.ct.sendgrid.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.offitkurman.com
www.shareaholic.net
107.20.147.136
151.139.128.11
167.89.118.28
172.217.16.194
192.196.158.175
2001:4860:4802:34::36
2604:a880:800:10::462:6001
2a00:1450:4001:801::2003
2a00:1450:4001:806::2004
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::2008
2a00:1450:4001:828::2002
2a00:1450:400a:800::200a
2a00:1450:400c:c0b::9c
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f11c:8183:face:b00c:0:25de
52.200.239.86
54.197.98.98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0a402d34337e3e7e719751e9e0847dd3d25f0b81b832fcd342b5a0e040b35075
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a9bd3c697279bf78c0ffadde4e5cb673182cf45fc24a6abd71e3575a04a5f0d
21e444926ee2b1297a9888fe081f196a640763626243aa07b80ff171049e7a8c
240b702419d6c39ecc4896f0132ccfc9bc517e9aef0c782d99580e0c678b47d5
336a595de90fa30c663b853017b7ffca147c17a7a1ecc0dd5704478b14d46b15
3784d95d7aa937025bf6d9d3ef12ee8cebd6487058492b27c8e66e94e984a3ba
4ca75e9473aaefe14955e417db60cb60cc65c8c2c1af3613a87106c6a913d718
532cc8d15506530a33904ca6b2c4deb01febf8a2661253fb70fc5ed51d87b057
59b04a15dacf5d7c6befe6dd8f0c26a66bfab4ac12cf05b7d9acd177e22f5b03
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b4d47ae3f511fa214e9b987902de835f791764e046e176a6911f4203ade081b
5bb618d3fad0db7923ef48089d2f39751b8c8d04b1a5742f2d5dc38a1fda32d9
64c85e8b3d558b7ced2ce4d184dafd88b8dda0cfb0f388a06a7ff3e8f34841d8
6af4e7afbd51d76eca35b0f71aae89c1031022bb89f3bf08b163328f29d3c8da
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7549b9c24e8760a903e8aeeb713017b6b7b5290a8b51a638ed81b79e9736aa63
8123dc2bf66e2ac6977d94fe97c53156eeccde550b99431793c630e765897aee
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8bfcec07978309844d788b4ade223b49ba0be250c0da82fa94d7477842db1e6a
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ec98c4c012c000a3a644825e970a339ab444dd59f9fdc0b247faa8cd76336ae
9683278c37e1582b09e04109e16b915d20c9771e2d07bc4ba0b0b2b9d2e4c480
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
9b08341cbfb346a03e903b6d0c7822372e545cd147c9715ab9c8b411709b9e0d
9f959aaad80347edc26ed8279c6a68c098efc76876ac2e2f8ccc54b118f197f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a3a2d582b037c8354ea9de93e00a85cd5144a040056fc43e5b9dff7baaa8e710
ad5dc21cab09f401bbba7354fee862e22b783f3cfe6b8e463e238d4f77b4d8b5
b0f72aa7dcdef36c7a9749edd15db342f4f1fd129ad8dac6ad10407ca7140289
b90d9049eee197ce3ee671293cd5e0903f6187607b6e0e07b0f20823b5621aba
bc29880076a5b9d970782a5ef538a492b87ad6c72439bc445a1e379eb6c7e92f
bce650efc29ea7c9e3fa3ee6f474edc230739a9c0adf8ccbb276dc1e975eaab5
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c3f37d949ece06eaac5dce02af066a06cf391879f318158e7cf74a5080bd74ea
c702d7f7a7b6ee338c055051dbb6a139212b4e25672e9c60e18fc67c374d6a01
cd1c0dbd33a68d428c61edf784f0edf271af608e8666f66fba7ea0c0ccdc9562
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7a610c11489bfce177c3c71c5c7aec7101b1ba754d3d2aacc9636fc046c3b6
d3b2f660b434b8f2c4c187adfe0f0b6ab4ebffdd99da232e6900112311d66798
d5575de801172d286dc7cdb712db3081a3fa0702672d2bf33f806301706e3e09
d933a98657089095397ca6126d62e3a07c39e70f82b36f8cea002c0ba5bf1e2c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e16355e8227ed0b9a11065116c43b6ee9b9ec0fa9431086d77fb122510f0531b
e1a478b48c8e190782382190951e6410356f384923c3c79e0470935cde4bbdfa
e2f40b3a8aaf4a2abb1987007547690206251ee187f7594db715cfaebad6b654
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e508ae4990d6b7df847c361c6284ca99394bf626e4cef027f460e552dbb2da75
e77b75e2deaa6e5e6f993ecc2f54c576d95163e74c1214e0489d83efc35b5315
ebd21fd785e33300ae6571194031810c2e87373fb139b681888b2423d78a562b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1209899a0cbbf58df073110347d1429e0ad4d254b584f0fff016f395a09cfff
f6200e00f9bcf9a324c8c1a046c6bc624ebcaf1379faf13e4d76ae56ea0d1a11
f62054be93b9f30643e209e390ae4299eb0501d1d89d9c8a3c6ee496ea9bd99c
fa7b84bb6e37fba06f79793937e55baf6ebc1bee051e350e11c7ca681a9f3db7
fcd9ffb64cfd974227451be5fc6ec851c51bb635d8485fd5e48e8717bac902cb
ff2fde453aa6220144126828a284d4cc227479f1fe83beef3a6b6a4504c7e4df
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869
ff58039976d62beef36f2d3750b639e7cd571662fe6c6c34cc67beb61647f312

www.offitkurman.com Open in urlscan Pro 192.196.158.175 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

69 Requests

99 %HTTPS

65 %IPv6

16 Domains

21 Subdomains

20 IPs

5 Countries

1063 kBTransfer

3209 kBSize

18 Cookies

7 Outgoing links

Page URL History

Redirected requests

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.offitkurman.com Open in urlscan Pro
192.196.158.175 Public Scan

Screenshot
Live screenshot

Full Image

69
Requests

99 %
HTTPS

65 %
IPv6

16
Domains

21
Subdomains

20
IPs

5
Countries

1063 kB
Transfer

3209 kB
Size

18
Cookies

69 HTTP transactions
1 data transactions