www.nicholstaxservice.com Open in urlscan Pro
2a00:1450:4001:800::2013 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nicholstaxservice.com/
Submission: On August 20 via automatic, source certstream-suspicious (August 20th 2021, 10:55:33 pm UTC)

Summary HTTP 55 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 8 domains to perform 55 HTTP transactions. The main IP is 2a00:1450:4001:800::2013, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is www.nicholstaxservice.com.
TLS certificate: Issued by GTS CA 1D4 on June 22nd 2021. Valid for: 3 months.

This is the only time www.nicholstaxservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:800::2013	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
8	3.66.205.101 3.66.205.101	16509 (AMAZON-02) (AMAZON-02)
55	10

2 2a00:1450:4001:800::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.nicholstaxservice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
1056765279-atari-embeds.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh6.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh4.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lh5.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.66.205.101 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com

cdn.ageras.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	googleusercontent.com lh5.googleusercontent.com lh3.googleusercontent.com lh4.googleusercontent.com lh6.googleusercontent.com 1056765279-atari-embeds.googleusercontent.com	6 MB
14	gstatic.com www.gstatic.com fonts.gstatic.com	780 KB
8	ageras.com cdn.ageras.com	207 KB
8	google.com apis.google.com	152 KB
3	googleapis.com fonts.googleapis.com	3 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	nicholstaxservice.com www.nicholstaxservice.com	17 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
55	8

	Domain	Requested by
8	cdn.ageras.com	1056765279-atari-embeds.googleusercontent.com cdn.ageras.com
8	apis.google.com	www.nicholstaxservice.com apis.google.com www.gstatic.com 1056765279-atari-embeds.googleusercontent.com
7	fonts.gstatic.com	fonts.googleapis.com
7	www.gstatic.com	www.nicholstaxservice.com www.gstatic.com
6	lh5.googleusercontent.com	www.nicholstaxservice.com
5	lh4.googleusercontent.com	www.nicholstaxservice.com
4	lh3.googleusercontent.com	www.nicholstaxservice.com
3	fonts.googleapis.com	www.nicholstaxservice.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.nicholstaxservice.com	www.gstatic.com
1	1056765279-atari-embeds.googleusercontent.com	www.gstatic.com
1	lh6.googleusercontent.com	www.nicholstaxservice.com
1	www.googletagmanager.com	www.nicholstaxservice.com
55	13

This site contains links to these domains. Also see Links.

Domain
www.google.com
g.page

Subject Issuer	Validity	Valid
www.nicholstaxservice.com GTS CA 1D4	`2021-06-22` - `2021-09-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
api.ageras.com Amazon	`2021-02-07` - `2022-03-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.nicholstaxservice.com/
Frame ID: C37F0932A255E11B8AE2C04500D6F597
Requests: 39 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/5de913a2354e93acf4d43c4db53928e5/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__&r=103811847
Frame ID: B8895F97A9EA6E7D160F6E5DD330C3E8
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/atari/embeds/5de913a2354e93acf4d43c4db53928e5/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__&r=766027443
Frame ID: EFFAFE78427660B0CF993B6FFE5BFBB0
Requests: 2 HTTP requests in this frame

Frame: https://1056765279-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Frame ID: EDA5707269474A75668E90CB9BB09045
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Frame ID: CC9979D957B817616FB0954FB7DFDB68
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NTAPSINC.COM

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

55
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

13
Subdomains

10
IPs

1
Countries

7840 kB
Transfer

10146 kB
Size

0
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://www.google.com/url?q=http%3A%2F%2Fwww.facebook.com%2Fntapsinc&sa=D&sntz=1&usg=AFQjCNE8AtjRPmjyxEdKggDiyAGiDRecpw

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww.yelp.com%2Fbiz%2Fntaps-inc-hagerstown&sa=D&sntz=1&usg=AFQjCNGWcgbRI5ar4qGtvKC50CU7c12uww

Search URL Search Domain Scan URL

URL: https://g.page/r/CT3VQPrQMP-bEAg/review

Search URL Search Domain Scan URL

URL: http://www.google.com/url?q=http%3A%2F%2Flinkedin.com%2Fcompany%2Fntapsinc&sa=D&sntz=1&usg=AFQjCNEcSSxu-_GSGg7O0840jdOzIvPJgA

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Ffirmvid.resourcesforclients.com%2F24zcXGYaGJQh&sa=D&sntz=1&usg=AFQjCNGtLa6unbieOQYrue9QxjKIgOWz_g
Title: NTAPS Inc.: Firm VideoThe Deep End: Peace of mind or hassle with tax code... There is help. Just a click away.

Search URL Search Domain Scan URL

URL: https://www.google.com/url?q=https%3A%2F%2Fwww3.mydocsonline.com%2Fcuploadcustom.aspx%3Fid%3Drefund&sa=D&sntz=1&usg=AFQjCNH_XyYUXvB0HYtkhCbFkiFbol_-Gg
Title: Upload Documents

Search URL Search Domain Scan URL

URL: http://www.google.com/url?q=http%3A%2F%2Fcash.app%2F%24brendasuenichols&sa=D&sntz=1&usg=AFQjCNFajecDMOPK187pYY1LJZb3UYe9GQ
Title: CASH APP

Search URL Search Domain Scan URL

URL: http://www.google.com/url?q=http%3A%2F%2Fwww.freshbooks.com&sa=D&sntz=1&usg=AFQjCNGyblASIJ7dzjKjKxVAfObGotoSng
Title: Account Log In

Search URL Search Domain Scan URL

URL: http://www.google.com/url?q=http%3A%2F%2Fwww.gusto.com&sa=D&sntz=1&usg=AFQjCNHYC3u0wwynd4qzG5NGUYGtYPTXlQ
Title: Employee Log In

Search URL Search Domain Scan URL

URL: https://www.google.com/policies/technologies/cookies/
Title: Learn more

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nicholstaxservice.com/ 87 KB
17 KB 256ms
184ms Document
text/html 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3b7324ea3ca092b7253ecee80cfd1e9b16766832816b18324f37eb8f5646bab3

Security Headers

Name	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ddcFFhLe4yN0vTAH8pxEeA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.nicholstaxservice.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 20 Aug 2021 22:55:11 GMT
content-security-policy: base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ddcFFhLe4yN0vTAH8pxEeA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
referrer-policy: strict-origin-when-cross-origin
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
content-encoding: gzip

GET
H2 200 css
fonts.googleapis.com/ 7 KB
789 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CBitter%3A400%2C700&display=swap

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5428ad914b27b7f73e24c680f1b109344b6d47dcbe96be249bf219fc22ed4ccb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 22:55:11 GMT
server: ESF
date: Fri, 20 Aug 2021 22:55:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 22:55:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 16 KB
1 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3fec95990c1c40e6e40b4ff79f016733cc50d45730338e25f7e675703c94994

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 20:58:39 GMT
server: ESF
date: Fri, 20 Aug 2021 22:55:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 22:55:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
960 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Amatic%20SC%3Ai%2Cbi%2C700%2C400%7CBitter%3Ai%2Cbi%2C700%2C400%7CDancing%20Script%3Ai%2Cbi%2C700%2C400&display=swap

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8c00612ad389d50b09dc5b8e7e9239a034b2d025041195a54db03394cacff91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 22:55:11 GMT
server: ESF
date: Fri, 20 Aug 2021 22:55:11 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 20 Aug 2021 22:55:11 GMT

GET
H2 200 rs=AGEqA5l_ER5V5zjKJkO-mEFmU1HMjkf-kg
www.gstatic.com/_/atari/_/ss/k=atari.vw.nYFsnlmEynw.L.W.O/d=1/ 535 KB
82 KB 7ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/ss/k=atari.vw.nYFsnlmEynw.L.W.O/d=1/rs=AGEqA5l_ER5V5zjKJkO-mEFmU1HMjkf-kg

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aaaf6a9a9aef8fa013a99f4f7b62a38ace0c670894693abf70d03dc703baa290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 16:47:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194849
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83724
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 12:38:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 16:47:42 GMT

GET
H2 200 client.js Show response
apis.google.com/js/ 13 KB
5 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/client.js?onload=gapiLoaded

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f203e6b9cfb235fde8176f0c5bb4eff8e67b23071b888c9f8cd3e681b02313ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eMHwPX3eJy2Ak8k8Lr3ggA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "ae5b2a2a94a79f80d224ff8075488e15"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-eMHwPX3eJy2Ak8k8Lr3ggA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 20 Aug 2021 22:55:11 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
40 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-199985514-1

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

073d6d465c3a1aac90711ec62fe58edf02a2c68451ee035f053a912ed7284421

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41044
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 20 Aug 2021 22:55:11 GMT

GET
H2 200 GgIabfnl_Gl_KIFgTwT8E34qphV0xviJC1D9DrSTzyXN0Up4rOAZ3-8ahvqkbj7sqpqnN6bxArX-hqBTRvHSiiM=w16383
lh5.googleusercontent.com/ 64 KB
64 KB 207ms
196ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/GgIabfnl_Gl_KIFgTwT8E34qphV0xviJC1D9DrSTzyXN0Up4rOAZ3-8ahvqkbj7sqpqnN6bxArX-hqBTRvHSiiM=w16383

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

54c4202327610e345a131f5e24041c0d7d9615be8d93a1b9b9affa76e862a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Logo NTAPS.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65568
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 cbroXWpUBek2j7CEA0mD7xOLU-XWYRqIHQoviCe8xoiADBP7f3kZntbHcAgpumS0MSjsFLDv_0GOVMA85ExM19NPhgeEMCkvF4Wq1w3sy7sRVPGSAo1Tdh_DLqkuJqewcg=w1280
lh3.googleusercontent.com/ 170 KB
170 KB 165ms
154ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/cbroXWpUBek2j7CEA0mD7xOLU-XWYRqIHQoviCe8xoiADBP7f3kZntbHcAgpumS0MSjsFLDv_0GOVMA85ExM19NPhgeEMCkvF4Wq1w3sy7sRVPGSAo1Tdh_DLqkuJqewcg=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4dc75c2fa32bf07432856aacfeadf412e837c25e872d628b3e9099d080f000a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kaboompics_2021 planner - organizer - calendar - money - calculator.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174272
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 SaJ5lasKqg6bdb1sMbTfdAWSpMhF7M4tbKtQVgZNmZiiEODoidFtCJgObEHmA_mU31BZJ8hggzrqH_T3NvO61Zh51LLz7A6mPfl_A5x5g12KdQqSgw0hqoeEWF-ewaQgyw=w1280
lh3.googleusercontent.com/ 64 KB
64 KB 239ms
229ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SaJ5lasKqg6bdb1sMbTfdAWSpMhF7M4tbKtQVgZNmZiiEODoidFtCJgObEHmA_mU31BZJ8hggzrqH_T3NvO61Zh51LLz7A6mPfl_A5x5g12KdQqSgw0hqoeEWF-ewaQgyw=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3c894c2e1b6d7b8e163e99b46b06689d10acbe5e3688152745890f8c7c817adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Logo NTAPS.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65554
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 uXLx-FW151QMT9aYHLxQMM4rjQZhAtx6KoZ3VGC3cXIQhCMfX3QHAIARdx8K7AV9ZytxZGKWLH_dg6PMvMi_pddoXTp8ywrfJ_xM14yGEBlznZu4oU5wUTLMOb8GgpivnA=w1280
lh3.googleusercontent.com/ 292 KB
293 KB 258ms
247ms Image
image/jpeg 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/uXLx-FW151QMT9aYHLxQMM4rjQZhAtx6KoZ3VGC3cXIQhCMfX3QHAIARdx8K7AV9ZytxZGKWLH_dg6PMvMi_pddoXTp8ywrfJ_xM14yGEBlznZu4oU5wUTLMOb8GgpivnA=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ac3136273dfafb59fa824e02c6618cb1def68fe3c725771ff806427de8e6ac62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="kaboompics_School supplies used in math class, geometry or science.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 299474
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 KASgyLfStnHztU429oM3hSuccSsDZECs2JLTKRzoBwls2hwclO2GBnZO6vASK5WOYLdqTW7ntZjvh-jXhdP8K2VYzEVXHmbfIwIwokOMm8tduCAgvPZhfYrt7kmW2tDwZg=w1280
lh4.googleusercontent.com/ 14 KB
14 KB 207ms
196ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/KASgyLfStnHztU429oM3hSuccSsDZECs2JLTKRzoBwls2hwclO2GBnZO6vASK5WOYLdqTW7ntZjvh-jXhdP8K2VYzEVXHmbfIwIwokOMm8tduCAgvPZhfYrt7kmW2tDwZg=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

94e72fcfc7bffc99bd50a4a86b8d645bcc39269a85247c2f8d9b8457f06d3f67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="WhatsApp_Business_icon.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14329
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 d2I59MtRXcq3o_fCTCAFuSXLQMns84jRM_Ovg_DrwhjvZbwo9Q23AnN80zRtlv7354joRiCeU8fpf26bE2_o4OzWR0h0MzJnhrCH3fYb0mrMzd1Vyc5iNPHLTFdGE9q6zg=w1280
lh3.googleusercontent.com/ 18 KB
18 KB 276ms
266ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/d2I59MtRXcq3o_fCTCAFuSXLQMns84jRM_Ovg_DrwhjvZbwo9Q23AnN80zRtlv7354joRiCeU8fpf26bE2_o4OzWR0h0MzJnhrCH3fYb0mrMzd1Vyc5iNPHLTFdGE9q6zg=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

266a9da93ad98f5b3d67b5ab23be412fd9e43ebb756fdb703fc8ac7a946ef636

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="993px-Facebook_Thumb_icon.svg.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18258
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 GmHaWC98P5fFQJU53zm3Ke-2gLomgfw_ytoZcZf_vG2DmAtkbh4eGJXC8Aevkhm6rFeem7youjX5q20Ch3EH35Mk773uepxCiRyEMEcWUjuMtshRabJbBAlGLFwZQszFCg=w1280
lh5.googleusercontent.com/ 100 KB
100 KB 160ms
150ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/GmHaWC98P5fFQJU53zm3Ke-2gLomgfw_ytoZcZf_vG2DmAtkbh4eGJXC8Aevkhm6rFeem7youjX5q20Ch3EH35Mk773uepxCiRyEMEcWUjuMtshRabJbBAlGLFwZQszFCg=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fc9b382729550d6a6d0d4e9f5ae657405fa51d570fba4adca83c1a1c38cc3063

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="1280px-Yelp_Logo.svg.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102111
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 hjcWrsJZ9dqP9zCayNX2rp881xSjIN4cZKJ62H0lylDRkvB2giqEeLKkLbKNgcqlrEl8pT-IZegjHaUmT3YDUSXzhXawErzCwkf5kKWldh0smq6a-m9AZQnalz952QfGGg=w1280
lh6.googleusercontent.com/ 70 KB
70 KB 207ms
197ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh6.googleusercontent.com/hjcWrsJZ9dqP9zCayNX2rp881xSjIN4cZKJ62H0lylDRkvB2giqEeLKkLbKNgcqlrEl8pT-IZegjHaUmT3YDUSXzhXawErzCwkf5kKWldh0smq6a-m9AZQnalz952QfGGg=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

281093fa0cfff361f3f29d7b2129906f88b8feae7f9fd56bd5cb99b1d64a4799

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="google-2172744_960_720.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71587
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 oRNDJEAJ5PjuMROo1XNCazRbcQltt1zeMJmS9P4_KpQY6CZ4Q8uO-wvIJab1gGcDdjZm9sb-fCXEySCWt4LJb0FKp0Fe_OZOOYLZcrdUUUoDBLBtztdk0vG2gQ6rdbr4PQ=w1280
lh4.googleusercontent.com/ 8 KB
8 KB 227ms
218ms Image
image/png 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/oRNDJEAJ5PjuMROo1XNCazRbcQltt1zeMJmS9P4_KpQY6CZ4Q8uO-wvIJab1gGcDdjZm9sb-fCXEySCWt4LJb0FKp0Fe_OZOOYLZcrdUUUoDBLBtztdk0vG2gQ6rdbr4PQ=w1280

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6e957a4f7bf818215dbc64f681303dca66772b9ba8116d5e82d7c7f55d969401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="LinkedIn_logo_initials.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8203
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 wM-CxNay-IOZn6ubikojyzpaWm-JTNaqktPdhxq9SUWmFyYCfqFM_8SIOLWmfpUe6EjISgVhWpCJ93j66vGnTLbmB5RSae0anktLAsivqNkuHXQwwiZPe2FQGVjU
lh5.googleusercontent.com/proxy/ 184 KB
185 KB 18ms
17ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/proxy/wM-CxNay-IOZn6ubikojyzpaWm-JTNaqktPdhxq9SUWmFyYCfqFM_8SIOLWmfpUe6EjISgVhWpCJ93j66vGnTLbmB5RSae0anktLAsivqNkuHXQwwiZPe2FQGVjU

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

544fe3e44455fe319cf8ebe59c346442735149460d6a1e325cdb1b4dcdb3cf20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188887
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H3-29 200 -h4c8-9xGJumX5yXgR6frjoYz8iTHf-2ED1ZLT2aZmiWey45Amq-pxPpR6d3gzbBMBoq4TFu0p8g7yMYKEDsbrY=w16383
lh4.googleusercontent.com/ 1 MB
1 MB 188ms
168ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/-h4c8-9xGJumX5yXgR6frjoYz8iTHf-2ED1ZLT2aZmiWey45Amq-pxPpR6d3gzbBMBoq4TFu0p8g7yMYKEDsbrY=w16383

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3f9f824665f42da041cd3431e7272c3af19142ce1b16526fa77d9fd0fc6ca9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="imgbin_customer-service-representative-technical-support-png.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1463544
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H3-29 200 0oxz82Mt-mBu2hxG6_oeyavOmO42bde_yoEj240AE6zRjz-YarQSwA24nwwdVmLztIg9PyyzTqRYw_U4gwgddoc=w16383
lh4.googleusercontent.com/ 307 KB
307 KB 248ms
228ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/0oxz82Mt-mBu2hxG6_oeyavOmO42bde_yoEj240AE6zRjz-YarQSwA24nwwdVmLztIg9PyyzTqRYw_U4gwgddoc=w16383

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

d05c294679ece9813cb8d6c94772cd5775eb015b5cae4604bbfc148e7cf27938

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="imgbin_customer-service-representative-stock-photography-call-centre-png.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313900
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:12 GMT

GET
H3-29 200 8MjVSrZRG7XCaTvT7DzyfuUZFwHijWG9kg4jvtdvHGVRr7r9GbBrPLpQZXLQjtle1qKAvTrEdhzOLRKS07IRaaE=w16383
lh4.googleusercontent.com/ 3 MB
3 MB 2291ms
2271ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh4.googleusercontent.com/8MjVSrZRG7XCaTvT7DzyfuUZFwHijWG9kg4jvtdvHGVRr7r9GbBrPLpQZXLQjtle1qKAvTrEdhzOLRKS07IRaaE=w16383

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b8c96a08fc8a5bbda6a433a03cc35ae86de131e88559b6c667c306eee6aa5765

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:14 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="imgbin_telephone-call-mobile-phones-my-international-family-microphone-png.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3005501
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:14 GMT

GET
H3-29 200 r4Iq0IL60j_e3_FoNF7Qhhm2giCY2xp6dGtia5WjIREcWUHCqWFvCfWf30-c8lZ9L2eFud1COhud4sI4BvexaA=w16383
lh5.googleusercontent.com/ 529 KB
529 KB 244ms
224ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/r4Iq0IL60j_e3_FoNF7Qhhm2giCY2xp6dGtia5WjIREcWUHCqWFvCfWf30-c8lZ9L2eFud1COhud4sI4BvexaA=w16383

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b85bc775708921669d66fdcb6c88ca0c57803fad4a43aaeee66adc6202c23a1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:12 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="imgbin_customer-service-representative-technical-support-png (2).png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 541195
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:12 GMT

GET
H3-29 200 m=view Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/ 492 KB
166 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=view

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e37128de6210ed94b78c26b6a2e10f1916097883648ecb92fa31748ee84ea8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 06:18:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146188
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170223
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 12:38:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 06:18:43 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 312 KB
106 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d52aa5614f8b75142f9fee208d69dad6a137508c23cc56026ed9f71d04231106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 08:48:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 137227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108601
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 08:48:04 GMT

GET
H3-29 200 N3hQUZ8Iv3xsb-MgGVgXNkfN1yLOF5t94veDvIs8L3pCO31K5WeEdiAG16sjDJbhF3kSArtCVU3wunGRUmi6fnQ=w16383
lh5.googleusercontent.com/ 246 KB
246 KB 195ms
175ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/N3hQUZ8Iv3xsb-MgGVgXNkfN1yLOF5t94veDvIs8L3pCO31K5WeEdiAG16sjDJbhF3kSArtCVU3wunGRUmi6fnQ=w16383

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

5a63a10e8a8e5d4f239826cfd2f1d2f3a2bb76fd777f28df1749917f0d939b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="15025908560_0d5fccf946_b.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251505
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 9ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.nicholstaxservice.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 18:26:24 GMT
x-content-type-options: nosniff
age: 361727
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 18:26:24 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 19 KB
19 KB 14ms
12ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CBitter%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.nicholstaxservice.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:32:15 GMT
x-content-type-options: nosniff
age: 339776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19844
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:10 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:32:15 GMT

GET
H2 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v19/ 30 KB
30 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v19/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CBitter%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.nicholstaxservice.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 19:36:19 GMT
x-content-type-options: nosniff
age: 271132
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30792
x-xss-protection: 0
last-modified: Tue, 29 Jun 2021 23:04:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 19:36:19 GMT

GET
H2 200 TUZ3zwprpvBS1izr_vOMscGKfrUC.woff2
fonts.gstatic.com/s/amaticsc/v16/ 25 KB
25 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/amaticsc/v16/TUZ3zwprpvBS1izr_vOMscGKfrUC.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Amatic%20SC%3Ai%2Cbi%2C700%2C400%7CBitter%3Ai%2Cbi%2C700%2C400%7CDancing%20Script%3Ai%2Cbi%2C700%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ebc98833e016145f284909f23e1ed94b58b07899d6fe98e09a2df95e90323a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.nicholstaxservice.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 09:36:42 GMT
x-content-type-options: nosniff
age: 307109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25784
x-xss-protection: 0
last-modified: Wed, 24 Mar 2021 17:43:32 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 09:36:42 GMT

GET
H2 200 If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2
fonts.gstatic.com/s/dancingscript/v16/ 42 KB
42 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dancingscript/v16/If2RXTr6YS-zF4S-kcSWSVi_szLgiuE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Amatic%20SC%3Ai%2Cbi%2C700%2C400%7CBitter%3Ai%2Cbi%2C700%2C400%7CDancing%20Script%3Ai%2Cbi%2C700%2C400&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

761b9d059d3eb80fd96d0535cbdd8d4fbb051191f7b797bf205810414c9db18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.nicholstaxservice.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 16 Aug 2021 17:54:55 GMT
x-content-type-options: nosniff
age: 363616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42500
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:44:08 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 Aug 2022 17:54:55 GMT

GET
H3-29 200 KrePJ9Q-WMCAHhotz6nGQo7VSgnqa4FGRIoeI9EKvyiZMW8xSOPK_n53K5vJYo23XcPxenXehCW93lxg6SaHw2Q=w16383
lh5.googleusercontent.com/ 187 KB
187 KB 182ms
162ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh5.googleusercontent.com/KrePJ9Q-WMCAHhotz6nGQo7VSgnqa4FGRIoeI9EKvyiZMW8xSOPK_n53K5vJYo23XcPxenXehCW93lxg6SaHw2Q=w16383

Requested by

Host: www.nicholstaxservice.com
URL: https://www.nicholstaxservice.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

938544bcf8e17edf762c41a16217f651b2ea2625263e2efcb93551f77edb6fcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:11 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="XB1MQdOjVCu86xGOdq0Tt9qYQTMCZHNSe8FBicFzHd5weWUuolIXTZsMZkkHyn9-l5KvWctQ6c0=s0.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191639
x-xss-protection: 0
expires: Sat, 21 Aug 2021 22:55:11 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ 16 KB
16 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans:400,500|Roboto:300,400,500,700|Source+Code+Pro:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.nicholstaxservice.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 17:17:27 GMT
x-content-type-options: nosniff
age: 279464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 17:17:27 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 20 KB
20 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat%3A400%2C700%7CBitter%3A400%2C700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.nicholstaxservice.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 00:31:26 GMT
x-content-type-options: nosniff
age: 339825
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:20:44 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 17 Aug 2022 00:31:26 GMT

POST
H2 200 logImpressions Show response
www.nicholstaxservice.com/_/view/ 16 B
199 B 182ms
182ms XHR
application/json 2a00:1450:4001:800::2013
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nicholstaxservice.com/_/view/logImpressions?authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-fetch-mode: cors
origin: https://www.nicholstaxservice.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 2669
:path: /_/view/logImpressions?authuser=0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded;charset=UTF-8
accept: */*
cache-control: no-cache
:authority: www.nicholstaxservice.com
referer: https://www.nicholstaxservice.com/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 22:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m=MpJwZc,n73qwf,A4UTCb,qAKInc,syx,TGYpv,kbkrpd,X85Uvc,HIeYee,QxOCld,syp,YXyON,sy15,abQiW,W26a5e,syu,syz,syv,syw,syy,fuVYe,hJUyqe,NpD4ec,qEW1W,oNFsLb,ruhlUe,KUM7Z,syq,qkPXAf,sys,syt,zPx2U,YLQSd,sy2,... Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=0/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/ 1 MB
346 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=0/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=MpJwZc,n73qwf,A4UTCb,qAKInc,syx,TGYpv,kbkrpd,X85Uvc,HIeYee,QxOCld,syp,YXyON,sy15,abQiW,W26a5e,syu,syz,syv,syw,syy,fuVYe,hJUyqe,NpD4ec,qEW1W,oNFsLb,ruhlUe,KUM7Z,syq,qkPXAf,sys,syt,zPx2U,YLQSd,sy2,sy7,yyxWAc,sy2h,sy2i,sy2j,xQtZb,yf2Bs,PQmzu,rHjpXd,sy1a,fNFZH,Md9ENb,sy10,sy18,sy1r,sy1q,sy17,syn,syo,sy1w,NlqxW,sy19,sy1k,sy2x,sy38,sy1y,sy3,sy37,sy39,sy3a,sy3c,sy1x,sy35,sy3e,sy1u,sy1t,sy3b,sy3d,sy3f,sy36,sy3j,sy3g,T807ad,sy1v,ZDEHrf,sy26,sy3h,sy3i,sy1z,syf,Yr1Pcb,LUQjOd,J9ssyb,SB123c,UubMM,YoEZUb,JKfHhb,DJtOxf,pA2mAb,gypOCd,X4FC5,kYfebb,XMtvld,rrOIJc,ZdZQ6b,Euz7Lc,sAbmxd,sy16,sy1b,sy1c,sy1d,sy1e,sy1f,sy1g,UYjpC,vVEdxc,sy2g,SM1lmd,sy6,sy5,sym,RRzQxe,sy8,sya,sy9,RrXLpc,VYKRW,syr,CG0Qwb,syb,sy2n,syc,cgRV2c,syl,o1L5Wb,X4BaPc,zZvHmd,YV8yqd,RZ9OZ,N0NZx,szRU7e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f9d0f15ff18a56f82533f44eb3487fa4e730c67277e168dd074e16f23b40d87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 07:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 354046
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 12:38:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 07:30:50 GMT

GET
H3-29 200 m=pB6Zqd,sy29,IZT63,SF3gsd,vfuNJf,sy25,sy23,sy2a,O8k1Cd,sy2k,siKnQd,sy24,sy28,sy2e,YNjGDd,sy2d,sy2f,PrPYRd,xs1Gy,hc6Ubd,o02Jie,SpsfSb,sy14,sy20,sy2l,zbML3c Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=0/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/ 26 KB
9 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=0/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=pB6Zqd,sy29,IZT63,SF3gsd,vfuNJf,sy25,sy23,sy2a,O8k1Cd,sy2k,siKnQd,sy24,sy28,sy2e,YNjGDd,sy2d,sy2f,PrPYRd,xs1Gy,hc6Ubd,o02Jie,SpsfSb,sy14,sy20,sy2l,zbML3c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=view

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8874ca998746e2309084735b33c531a28f0d513d867dc02f26701ced5d67ef81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 18 Aug 2021 19:52:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183752
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9659
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 12:38:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 18 Aug 2022 19:52:40 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 12ms
8ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-199985514-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 4718
date: Fri, 20 Aug 2021 21:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Fri, 20 Aug 2021 23:36:34 GMT

GET
H3-29 200 m=Y9atKf,NTMZac,sy2y,gJzDyc,sy31,uY3Nvd,syh,syj,HYv29e Show response
www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=0/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/ 19 KB
7 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=0/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=Y9atKf,NTMZac,sy2y,gJzDyc,sy31,uY3Nvd,syh,syj,HYv29e

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=view

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb21b7a9ab772feadc0180a1ce5715de567225eee752e4c20882da2dee898bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 17 Aug 2021 07:30:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314662
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7087
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 12:38:13 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Aug 2022 07:30:50 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 13ms
13ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=92811791&t=pageview&_s=1&dl=https%3A%2F%2Fwww.nicholstaxservice.com%2F&ul=en-us&de=UTF-8&dt=NTAPSINC.COM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1185135823&gjid=1136006657&cid=712134204.1629500112&tid=UA-199985514-1&_gid=683107080.1629500112&_r=1&gtm=2ou8i0&did=dZWRiYj&z=1654060091

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 20 Aug 2021 22:55:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.nicholstaxservice.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 214 B
506 B 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_rpc/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_1?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gapiLoaded

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96570ac50bb0a1b9a4a2d45575b98c1ede2ab78c6ad5932d1517d3b4f961aecb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nicholstaxservice.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:56:19 GMT
vary: Accept-Encoding, Origin
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
x-content-type-options: nosniff
age: 122333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 214
x-xss-protection: 0
expires: Fri, 19 Aug 2022 12:56:19 GMT

GET
H2 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/5de913a2354e93acf4d43c4db53928e5/ Frame B889 2 KB
1 KB 66ms
48ms Document
text/html 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/atari/embeds/5de913a2354e93acf4d43c4db53928e5/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__&r=103811847

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8436deda167997143cf3a97b1fc3077530530f0df46f28b7dc4da849b066be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.gstatic.com
:scheme: https
:path: /atari/embeds/5de913a2354e93acf4d43c4db53928e5/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__&r=103811847
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nicholstaxservice.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nicholstaxservice.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 967
date: Fri, 20 Aug 2021 22:55:12 GMT
expires: Sat, 20 Aug 2022 22:55:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 20 Aug 2021 12:28:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 intermediate-frame-minified.html Show response
www.gstatic.com/atari/embeds/5de913a2354e93acf4d43c4db53928e5/ Frame EFFA 2 KB
1 KB 59ms
49ms Document
text/html 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/atari/_/js/k=atari.vw.en_US.J4lr_7vv6-w.O/d=1/rs=AGEqA5mOPtLQYReHOtfkDolm9HjloBT73g/m=view

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8436deda167997143cf3a97b1fc3077530530f0df46f28b7dc4da849b066be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.gstatic.com
:scheme: https
:path: /atari/embeds/5de913a2354e93acf4d43c4db53928e5/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__&r=766027443
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.nicholstaxservice.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.nicholstaxservice.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 967
date: Fri, 20 Aug 2021 22:55:12 GMT
expires: Sat, 20 Aug 2022 22:55:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 20 Aug 2021 12:28:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 api.js Show response
apis.google.com/js/ Frame B889 13 KB
5 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/5de913a2354e93acf4d43c4db53928e5/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__&r=103811847

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69b048aad39501367ac74056ac24390b7d7dc941aa6cb26f0a3592c93ab2ba6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TDNPjXtrLrPBGtsHtUYE6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "4181f9f591e91ab50320036c553de5db"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-TDNPjXtrLrPBGtsHtUYE6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 20 Aug 2021 22:55:12 GMT

GET
H3-29 403 api.js
apis.google.com/js/ Frame EFFA 0
0 525ms
524ms Script
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apis.google.com/js/api.js?checkCookie=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/atari/embeds/5de913a2354e93acf4d43c4db53928e5/intermediate-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__&r=766027443
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame B889 43 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef030af54dfe95ff6a88c9b558c3ecc39dfe7af4e7e899b7665dde117c4e2282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122305
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15508
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 12:56:47 GMT

GET
H2 200 inner-frame-minified.html Show response
1056765279-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/ Frame EDA5 2 KB
1 KB 48ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1056765279-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1056765279-atari-embeds.googleusercontent.com
:scheme: https
:path: /embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gstatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.gstatic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 915
date: Fri, 20 Aug 2021 22:55:12 GMT
expires: Sat, 20 Aug 2022 22:55:12 GMT
cache-control: public, max-age=31536000
last-modified: Fri, 20 Aug 2021 12:28:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 api.js Show response
apis.google.com/js/ Frame EDA5 13 KB
5 KB 432ms
431ms Script
application/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/api.js?checkCookie=1

Requested by

Host: 1056765279-atari-embeds.googleusercontent.com
URL: https://1056765279-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

69b048aad39501367ac74056ac24390b7d7dc941aa6cb26f0a3592c93ab2ba6d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FGmFoPBn5TER6czO4U5sdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://1056765279-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "4181f9f591e91ab50320036c553de5db"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-FGmFoPBn5TER6czO4U5sdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Fri, 20 Aug 2021 22:55:13 GMT

GET
H3-29 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame EDA5 43 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=gapi_rpc/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/api.js?checkCookie=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef030af54dfe95ff6a88c9b558c3ecc39dfe7af4e7e899b7665dde117c4e2282

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1056765279-atari-embeds.googleusercontent.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 19 Aug 2021 12:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122306
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15508
x-xss-protection: 0
last-modified: Wed, 07 Jul 2021 13:43:54 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Aug 2022 12:56:47 GMT

GET
H2 200 rating-widget Show response
cdn.ageras.com/api/ Frame CC99 4 KB
1 KB 282ms
158ms Document
text/html 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Requested by: Host: 1056765279-atari-embeds.googleusercontent.com
URL: https://1056765279-atari-embeds.googleusercontent.com/embeds/16cb204cf3a9d4d223a0a3fd8b0eec5d/inner-frame-minified.html?jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3a0ec1b47bd94c217195e1303e5039ac54f5994cc2e58df97ec8793941e33d1d

Request headers

:method: GET
:authority: cdn.ageras.com
:scheme: https
:path: /api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://1056765279-atari-embeds.googleusercontent.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://1056765279-atari-embeds.googleusercontent.com/

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-type: text/html; charset=UTF-8
server: nginx
cache-control: no-cache, private
access-control-allow-origin: *
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-encoding: gzip

GET
H2 200 bootstrap.min.css
cdn.ageras.com/assets/css/ Frame CC99 89 KB
19 KB 58ms
57ms Stylesheet
text/css 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ageras.com/assets/css/bootstrap.min.css
Requested by: Host: cdn.ageras.com
URL: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a07235b10886a769f5adcd0bd11fa28ca5469e6bebedb49c6874fa319cbc44ff

Request headers

Referer: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:42:02 GMT
server: nginx
etag: W/"611e276a-16422"
content-type: text/css

GET
H2 200 font-awesome.min.css
cdn.ageras.com/assets/css/ Frame CC99 27 KB
7 KB 82ms
81ms Stylesheet
text/css 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ageras.com/assets/css/font-awesome.min.css
Requested by: Host: cdn.ageras.com
URL: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

Request headers

Referer: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:42:02 GMT
server: nginx
etag: W/"611e276a-6b4a"
content-type: text/css

GET
H2 200 custom.css
cdn.ageras.com/assets/css/ Frame CC99 8 KB
2 KB 40ms
39ms Stylesheet
text/css 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ageras.com/assets/css/custom.css
Requested by: Host: cdn.ageras.com
URL: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c24b02af004d18f857c3ce609f638d68c6fc81cb8495ad288214994d65a61f35

Request headers

Referer: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:42:02 GMT
server: nginx
etag: W/"611e276a-1e49"
content-type: text/css

GET
H2 200 jquery-1.11.1.js Show response
cdn.ageras.com/assets/js/ Frame CC99 276 KB
101 KB 70ms
69ms Script
application/javascript 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ageras.com/assets/js/jquery-1.11.1.js
Requested by: Host: cdn.ageras.com
URL: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc

Request headers

Referer: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:42:02 GMT
server: nginx
etag: W/"611e276a-4508e"
content-type: application/javascript; charset=utf-8

GET
H2 200 bootstrap.min.js Show response
cdn.ageras.com/assets/js/ Frame CC99 28 KB
9 KB 87ms
87ms Script
application/javascript 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ageras.com/assets/js/bootstrap.min.js
Requested by: Host: cdn.ageras.com
URL: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f

Request headers

Referer: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:42:02 GMT
server: nginx
etag: W/"611e276a-71ed"
content-type: application/javascript; charset=utf-8

GET
H2 200 ageras-logo.svg
cdn.ageras.com/assets/images/widget/ Frame CC99 5 KB
2 KB 40ms
40ms Image
image/svg+xml 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.ageras.com/assets/images/widget/ageras-logo.svg
Requested by: Host: cdn.ageras.com
URL: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c4dfa857d9f8f4cd7cc4ccda23577a4b8f85d98693d79ec706472c8cb40e7994

Request headers

Referer: https://cdn.ageras.com/api/rating-widget?partner_id=226605&review_count=undefined&width=220&height=190
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 09:42:02 GMT
server: nginx
etag: W/"611e276a-125d"
content-type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff2
cdn.ageras.com/assets/fonts/ Frame CC99 65 KB
65 KB 43ms
41ms Font
font/woff2 3.66.205.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ageras.com/assets/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: cdn.ageras.com
URL: https://cdn.ageras.com/assets/css/font-awesome.min.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.205.101 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-205-101.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Origin: https://cdn.ageras.com
Referer: https://cdn.ageras.com/assets/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 20 Aug 2021 22:55:13 GMT
last-modified: Thu, 19 Aug 2021 09:42:02 GMT
server: nginx
accept-ranges: bytes
etag: "611e276a-10440"
content-length: 66624
content-type: font/woff2

Verdicts & Comments Add Verdict or Comment

60 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	base-uri 'self';object-src 'none';report-uri /_/view/cspreport;script-src 'report-sample' 'nonce-ddcFFhLe4yN0vTAH8pxEeA' 'unsafe-inline' 'unsafe-eval';worker-src 'self';frame-ancestors https://google-admin.corp.google.com/
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1056765279-atari-embeds.googleusercontent.com
apis.google.com
cdn.ageras.com
fonts.googleapis.com
fonts.gstatic.com
lh3.googleusercontent.com
lh4.googleusercontent.com
lh5.googleusercontent.com
lh6.googleusercontent.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.nicholstaxservice.com
2a00:1450:4001:800::2013
2a00:1450:4001:802::2001
2a00:1450:4001:809::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200a
3.66.205.101
073d6d465c3a1aac90711ec62fe58edf02a2c68451ee035f053a912ed7284421
0ebc98833e016145f284909f23e1ed94b58b07899d6fe98e09a2df95e90323a0
266a9da93ad98f5b3d67b5ab23be412fd9e43ebb756fdb703fc8ac7a946ef636
281093fa0cfff361f3f29d7b2129906f88b8feae7f9fd56bd5cb99b1d64a4799
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
3029834a820c79c154c377f52e2719fc3ff2a27600a07ae089ea7fde9087f6bc
3a0ec1b47bd94c217195e1303e5039ac54f5994cc2e58df97ec8793941e33d1d
3b7324ea3ca092b7253ecee80cfd1e9b16766832816b18324f37eb8f5646bab3
3c894c2e1b6d7b8e163e99b46b06689d10acbe5e3688152745890f8c7c817adb
3f9f824665f42da041cd3431e7272c3af19142ce1b16526fa77d9fd0fc6ca9b5
49e37128de6210ed94b78c26b6a2e10f1916097883648ecb92fa31748ee84ea8
4dc75c2fa32bf07432856aacfeadf412e837c25e872d628b3e9099d080f000a7
4f9d0f15ff18a56f82533f44eb3487fa4e730c67277e168dd074e16f23b40d87
5428ad914b27b7f73e24c680f1b109344b6d47dcbe96be249bf219fc22ed4ccb
544fe3e44455fe319cf8ebe59c346442735149460d6a1e325cdb1b4dcdb3cf20
54c4202327610e345a131f5e24041c0d7d9615be8d93a1b9b9affa76e862a17f
5a63a10e8a8e5d4f239826cfd2f1d2f3a2bb76fd777f28df1749917f0d939b04
69b048aad39501367ac74056ac24390b7d7dc941aa6cb26f0a3592c93ab2ba6d
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e957a4f7bf818215dbc64f681303dca66772b9ba8116d5e82d7c7f55d969401
7139d8b43b314fc6764a4d2e6bdfe3ff341b4e027cf67505515a09fcd349556f
761b9d059d3eb80fd96d0535cbdd8d4fbb051191f7b797bf205810414c9db18f
80e142904c9feeca9d8c64af55dabfda8032b2ac29fc26ca11d59aa1abddc6ab
8874ca998746e2309084735b33c531a28f0d513d867dc02f26701ced5d67ef81
8d47b4a1cc0393424720bded5988a28f4e9146fd265ecb416b79cf0d6ac81f6d
938544bcf8e17edf762c41a16217f651b2ea2625263e2efcb93551f77edb6fcd
94e72fcfc7bffc99bd50a4a86b8d645bcc39269a85247c2f8d9b8457f06d3f67
96570ac50bb0a1b9a4a2d45575b98c1ede2ab78c6ad5932d1517d3b4f961aecb
a07235b10886a769f5adcd0bd11fa28ca5469e6bebedb49c6874fa319cbc44ff
aaaf6a9a9aef8fa013a99f4f7b62a38ace0c670894693abf70d03dc703baa290
ac3136273dfafb59fa824e02c6618cb1def68fe3c725771ff806427de8e6ac62
b8436deda167997143cf3a97b1fc3077530530f0df46f28b7dc4da849b066be4
b85bc775708921669d66fdcb6c88ca0c57803fad4a43aaeee66adc6202c23a1e
b8c96a08fc8a5bbda6a433a03cc35ae86de131e88559b6c667c306eee6aa5765
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c24b02af004d18f857c3ce609f638d68c6fc81cb8495ad288214994d65a61f35
c4dfa857d9f8f4cd7cc4ccda23577a4b8f85d98693d79ec706472c8cb40e7994
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d05c294679ece9813cb8d6c94772cd5775eb015b5cae4604bbfc148e7cf27938
d52aa5614f8b75142f9fee208d69dad6a137508c23cc56026ed9f71d04231106
d8c00612ad389d50b09dc5b8e7e9239a034b2d025041195a54db03394cacff91
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
e3fec95990c1c40e6e40b4ff79f016733cc50d45730338e25f7e675703c94994
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
eb21b7a9ab772feadc0180a1ce5715de567225eee752e4c20882da2dee898bcc
ebb47fd79ee856806fec5c85f947b3a908cbe3cfef92099fa4c9b481f092f6f7
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ef030af54dfe95ff6a88c9b558c3ecc39dfe7af4e7e899b7665dde117c4e2282
f203e6b9cfb235fde8176f0c5bb4eff8e67b23071b888c9f8cd3e681b02313ec
fc9b382729550d6a6d0d4e9f5ae657405fa51d570fba4adca83c1a1c38cc3063
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.nicholstaxservice.com Open in urlscan Pro 2a00:1450:4001:800::2013 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

55 Requests

100 %HTTPS

90 %IPv6

8 Domains

13 Subdomains

10 IPs

1 Countries

7840 kBTransfer

10146 kBSize

0 Cookies

10 Outgoing links

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nicholstaxservice.com Open in urlscan Pro
2a00:1450:4001:800::2013 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

13
Subdomains

10
IPs

1
Countries

7840 kB
Transfer

10146 kB
Size

0
Cookies

55 HTTP transactions
0 data transactions