portal.garciastaxservice.com Open in urlscan Pro
2600:9000:225a:a400:a:af64:6c80:93a1  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response portal.garciastaxservice.com/	3 KB 4 KB	703ms 270ms	Document text/html	2600:9000:225a:a400:a:af64:6c80:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225a:a400:a:af64:6c80:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 9522e038ac9ed7ee977ede1660efe457eec918fc9305b663e207ae860a45c018 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers content-length 3311 content-type text/html date Thu, 28 Apr 2022 14:26:32 GMT etag "e1e0142cd5aefdd3855be21ea6f86ebc" last-modified Wed, 16 Feb 2022 01:19:37 GMT server AmazonS3 via 1.1 58637526ee1dcfa09d08745fe18a9062.cloudfront.net (CloudFront) x-amz-cf-id mqq-xvINM4W6pDdM_Y7Nfz7Q2G_wy68MhNA8v3LNpKiUVBYPPyxB3w== x-amz-cf-pop TXL50-P1 x-cache Miss from cloudfront
GET H2	200	api.js Show response apis.google.com/js/	14 KB 6 KB	146ms 58ms	Script text/javascript	2a00:1450:4001:813::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://apis.google.com/js/api.js Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://portal.garciastaxservice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers content-security-policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5541 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="gapi-team" date Thu, 28 Apr 2022 14:26:31 GMT vary Accept-Encoding report-to {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]} content-type text/javascript access-control-allow-origin * cache-control private, max-age=1800, stale-while-revalidate=1800 etag "d9fb14b7bd505434" accept-ranges bytes timing-allow-origin * expires Thu, 28 Apr 2022 14:26:31 GMT
GET H2	200	2.b90bc75f.chunk.css clients.taxaroo.com/static/css/	752 KB 753 KB	556ms 436ms	Stylesheet text/css	18.66.2.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clients.taxaroo.com/static/css/2.b90bc75f.chunk.css Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-118.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash f84cd6222d2dc1ae1b7cdbf1147052f90a263312031e9f59d9bb15d3c053b145 Request headers accept-language de-DE,de;q=0.9 Referer https://portal.garciastaxservice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 28 Apr 2022 14:26:32 GMT via 1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront) last-modified Wed, 16 Feb 2022 01:19:37 GMT server AmazonS3 x-amz-cf-pop TXL50-P1 etag "c97823f334ece5c9fc5c0b8076bfc1a7" x-cache Miss from cloudfront content-type text/css content-length 769663 x-amz-cf-id JUtLp6yPZUpH4JA_AOMR3lBQ8mvSppCGaNU_Yy7XqfoUrCFE1CchZA==
GET H2	200	main.fa2a8d40.chunk.css clients.taxaroo.com/static/css/	39 KB 39 KB	555ms 436ms	Stylesheet text/css	18.66.2.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clients.taxaroo.com/static/css/main.fa2a8d40.chunk.css Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-118.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash ecc4d4d00fa51a05dd32c9a6aabe1c08c9792d59fffd4c1119cc2ef223ac184d Request headers accept-language de-DE,de;q=0.9 Referer https://portal.garciastaxservice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 28 Apr 2022 14:26:32 GMT via 1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront) last-modified Wed, 16 Feb 2022 01:19:37 GMT server AmazonS3 x-amz-cf-pop TXL50-P1 etag "1391299fe94d883c728b505cbedbfa40" x-cache Miss from cloudfront content-type text/css content-length 39565 x-amz-cf-id ZLRVvYtdAT-eVlj0NuYjgNBN_99C7rgW8TUUOBvw8D7Oh0DMj_7mHQ==
GET H2	200	/ Show response js.stripe.com/v3/	301 KB 71 KB	59ms 7ms	Script application/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/ Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 1402fe43c86f3346d9d90bdd3f97d19a137b2fc17a1480923599fd44d19816e1 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://portal.garciastaxservice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 24 x-cache HIT content-length 72043 etag "ed4af3a64ab5cb9bd5c656cf429b7e2a" x-request-id 028274db-e0cf-4d1e-ac0a-8adffd682dde x-served-by cache-hhn4029-HHN access-control-allow-origin * last-modified Wed, 27 Apr 2022 22:38:13 GMT server Fastly date Thu, 28 Apr 2022 14:26:31 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 6
GET H2	200	2.c6961973.chunk.js Show response clients.taxaroo.com/static/js/	4 MB 4 MB	300ms 181ms	Script application/javascript	18.66.2.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-118.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash cc3b065a88f20c7fb90c011500f46afe988f9a41c87c1fd2bed843ba42337861 Request headers accept-language de-DE,de;q=0.9 Referer https://portal.garciastaxservice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Wed, 27 Apr 2022 23:55:22 GMT via 1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront) last-modified Wed, 16 Feb 2022 01:19:37 GMT server AmazonS3 age 52270 etag "4348894b5a3899aba0caf3d8c87562c5" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop TXL50-P1 content-length 4582190 x-amz-cf-id 76xjf2Vu3LnCnhJFUwTAfl68SOa12dxPwNawlXAa2TlVVOnwKFrhyA==
GET H2	200	main.a418a0b8.chunk.js Show response clients.taxaroo.com/static/js/	387 KB 387 KB	167ms 48ms	Script application/javascript	18.66.2.118 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://clients.taxaroo.com/static/js/main.a418a0b8.chunk.js Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.2.118 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-2-118.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 1ab146158945444820fd4d7f7f538a921732149d6a4f7818f58301e1734c5fcc Request headers accept-language de-DE,de;q=0.9 Referer https://portal.garciastaxservice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers date Thu, 28 Apr 2022 14:26:31 GMT via 1.1 88c4efc7a0d40cb6034579fa005452bc.cloudfront.net (CloudFront) last-modified Wed, 16 Feb 2022 01:19:37 GMT server AmazonS3 age 29736 etag "5882f2f2cbe482c3d0944aa56fcb7231" x-cache Hit from cloudfront content-type application/javascript x-amz-cf-pop TXL50-P1 content-length 395909 x-amz-cf-id XQSNfGunKTi4ESptT13g3S6eECabVar9k9tBx7KbKUV6JhYlU8t1KA==
GET H2	200	controller-0874a2c43b5d2457b7b3a6d2a5d02bd7.html Show response js.stripe.com/v3/ Frame 3C3E	349 B 606 B	26ms 25ms	Document text/html	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-0874a2c43b5d2457b7b3a6d2a5d02bd7.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash aef24cb9adefb156f67ce5d1ac88e2c82a1eb773c6a5f25912441548cb54a960 Security Headers Name Value Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://portal.garciastaxservice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 28 cache-control max-age=60 content-encoding br content-length 167 content-security-policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src 'self'; img-src 'self' https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 28 Apr 2022 14:26:32 GMT etag "0874a2c43b5d2457b7b3a6d2a5d02bd7" last-modified Wed, 27 Apr 2022 22:25:37 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 6 x-content-type-options nosniff x-request-id 87a0d824-c3e1-4fa5-a5a5-8773d40dc113 x-served-by cache-hhn4029-HHN
OPTIONS H/1.1	204 No Content	logout app.taxaroo.com/ Frame	0 0	637ms 99ms	Preflight	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://portal.garciastaxservice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers x-requested-with Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://portal.garciastaxservice.com Connection keep-alive Content-Length 0 Date Thu, 28 Apr 2022 14:26:33 GMT Server nginx/1.20.0 Vary Origin, Access-Control-Request-Headers X-Powered-By Express
OPTIONS H/1.1	204 No Content	logout app.taxaroo.com/ Frame	0 0	627ms 98ms	Preflight	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://portal.garciastaxservice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers x-requested-with Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://portal.garciastaxservice.com Connection keep-alive Content-Length 0 Date Thu, 28 Apr 2022 14:26:33 GMT Server nginx/1.20.0 Vary Origin, Access-Control-Request-Headers X-Powered-By Express
GET H/1.1	200 OK	logout Show response app.taxaroo.com/	2 B 728 B	481ms 157ms	XHR text/plain	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Requested by Host: clients.taxaroo.com URL: https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://portal.garciastaxservice.com/ x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 14:26:33 GMT Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff Server nginx/1.20.0 ETag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" X-Download-Options noopen X-Frame-Options SAMEORIGIN Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://portal.garciastaxservice.com Access-Control-Allow-Credentials true Connection keep-alive Vary Origin, Accept-Encoding Content-Length 2 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	logout Show response app.taxaroo.com/	2 B 732 B	470ms 150ms	XHR text/plain	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Requested by Host: clients.taxaroo.com URL: https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://portal.garciastaxservice.com/ x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 14:26:33 GMT Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff Server nginx/1.20.0 ETag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" X-Download-Options noopen X-Frame-Options SAMEORIGIN Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://portal.garciastaxservice.com Access-Control-Allow-Credentials true Connection keep-alive Vary Origin, Accept-Encoding Content-Length 2 X-XSS-Protection 1; mode=block
GET H2	200	m-outer-23335cd0c833d03926d94e8fb5cb0381.html Show response js.stripe.com/v3/ Frame 05AD	240 B 531 B	22ms 21ms	Document text/html	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67 Security Headers Name Value Content-Security-Policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://portal.garciastaxservice.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 1369708 cache-control max-age=31536000 content-encoding br content-length 140 content-security-policy default-src 'self'; base-uri 'none'; form-action 'none'; connect-src 'self' https://r.stripe.com; script-src 'self'; style-src 'self'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none'; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 28 Apr 2022 14:26:32 GMT etag "23335cd0c833d03926d94e8fb5cb0381" last-modified Tue, 05 Apr 2022 17:50:14 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 98979 x-content-type-options nosniff x-request-id 3bf23b5c-1529-4ce3-be6f-3455af0054db x-served-by cache-hhn4029-HHN
POST H2	200	csp-report q.stripe.com/ Frame 3C3E	0 346 B	551ms 171ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 28 Apr 2022 14:26:33 GMT server nginx access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type x-envoy-upstream-service-time 2 access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token content-length 0
GET H2	200	shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 3C3E	211 KB 53 KB	20ms 20ms	Script application/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-0874a2c43b5d2457b7b3a6d2a5d02bd7.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash a7cfe4a1a276a0ceb0fda6a6ca3f960eb05434d6627a53c7bcc4ff8cc8246d41 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-0874a2c43b5d2457b7b3a6d2a5d02bd7.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 58 x-cache HIT content-length 54050 etag "ec9a3a04700d5361b313ef51b818e1f0" x-request-id d4be1dbc-cb59-4cd3-a2a2-56391c7c0180 x-served-by cache-hhn4029-HHN access-control-allow-origin * last-modified Wed, 27 Apr 2022 22:25:15 GMT server Fastly date Thu, 28 Apr 2022 14:26:32 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 11
GET H2	200	controller-5fc05a8ec7258f58b8567f8fed2fcbe7.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 3C3E	376 KB 93 KB	26ms 25ms	Script application/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-5fc05a8ec7258f58b8567f8fed2fcbe7.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-0874a2c43b5d2457b7b3a6d2a5d02bd7.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 3c517dcb77f89332b58a2c26ed6ea80e8b40b02d11e25659c5d09736389c1ded Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-0874a2c43b5d2457b7b3a6d2a5d02bd7.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 26 x-cache HIT content-length 94527 etag "334ea66cff99832f71abcc8a53554666" x-request-id 875dfd6e-3ff8-444b-8f63-6b579775e06d x-served-by cache-hhn4029-HHN access-control-allow-origin * last-modified Wed, 27 Apr 2022 22:25:16 GMT server Fastly date Thu, 28 Apr 2022 14:26:32 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 5
POST H2	200	csp-report q.stripe.com/ Frame 05AD	0 347 B	511ms 171ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 28 Apr 2022 14:26:33 GMT server nginx access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type x-envoy-upstream-service-time 1 access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token content-length 0
GET H2	200	m-outer-8828f6fcad654313f23d9a7d1f1eb715.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 05AD	1 KB 796 B	30ms 30ms	Script application/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-23335cd0c833d03926d94e8fb5cb0381.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 52 x-cache HIT content-length 645 etag "d0c7e21ec457b6a134a496f107c3ca93" x-request-id b1232bf2-ffdc-4066-b998-d6d916fa51ff x-served-by cache-hhn4029-HHN access-control-allow-origin * last-modified Tue, 05 Apr 2022 17:50:29 GMT server Fastly date Thu, 28 Apr 2022 14:26:32 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 78
POST H2	200	0 Show response r.stripe.com/ Frame 3C3E	0 127 B	551ms 172ms	XHR text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Thu, 28 Apr 2022 14:26:33 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame 3C3E	0 128 B	547ms 170ms	XHR text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Thu, 28 Apr 2022 14:26:33 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame 3C3E	0 127 B	714ms 338ms	XHR text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Thu, 28 Apr 2022 14:26:33 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame 3C3E	0 127 B	714ms 338ms	XHR text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Thu, 28 Apr 2022 14:26:33 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame 3C3E	0 127 B	713ms 338ms	XHR text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Thu, 28 Apr 2022 14:26:33 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
GET H2	200	inner.html Show response m.stripe.network/ Frame E91A	930 B 1 KB	28ms 8ms	Document text/html	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8828f6fcad654313f23d9a7d1f1eb715.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 257 cache-control max-age=300, public content-encoding gzip content-length 527 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Thu, 28 Apr 2022 14:26:32 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 402 x-content-type-options nosniff x-request-id 056fb9e9-b38b-42d6-bd6a-c3138255a145 x-served-by cache-hhn4029-HHN x-timer S1651155993.885601,VS0,VE0
POST H2	200	csp-report q.stripe.com/ Frame E91A	0 120 B	441ms 171ms	Other text/plain	54.187.159.182 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: portal.garciastaxservice.com URL: https://portal.garciastaxservice.com/ Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-159-182.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/csp-report Response headers date Thu, 28 Apr 2022 14:26:33 GMT x-envoy-upstream-service-time 2 server nginx content-length 0 strict-transport-security max-age=31556926; includeSubDomains; preload
GET H2	200	out-4.5.42.js Show response m.stripe.network/ Frame E91A	86 KB 16 KB	9ms 9ms	Script text/javascript	151.101.64.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.42.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.64.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 281 x-cache HIT content-length 16031 x-request-id a8831d53-07ff-4080-acb1-b01973bb03d6 x-served-by cache-hhn4029-HHN server Fastly x-timer S1651155993.899383,VS0,VE0 date Thu, 28 Apr 2022 14:26:32 GMT vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=300, public accept-ranges bytes x-cache-hits 415
POST H2	200	6 Show response m.stripe.com/ Frame E91A	156 B 523 B	539ms 181ms	XHR application/json	35.162.3.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.42.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.162.3.11 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-35-162-3-11.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 20353c3bad3ee3e9385b00a0b4f328946501444b888fef485d4ec05fb5c9c5da Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Thu, 28 Apr 2022 14:26:33 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type application/json;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
POST H2	200	0 Show response r.stripe.com/ Frame 3C3E	0 127 B	514ms 338ms	XHR text/plain	54.186.23.98 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-8bb52ed6cfa5aba8111c702d3b3430f2.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-186-23-98.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Thu, 28 Apr 2022 14:26:33 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H/1.1	201 Created	branding Show response api.taxaroo.com/whitelabel/	312 B 585 B	152ms 152ms	XHR application/json	52.22.46.2 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.taxaroo.com/whitelabel/branding Requested by Host: clients.taxaroo.com URL: https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.22.46.2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-22-46-2.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash 24e5693874dbd66ac2024c005d2542546b5dedd5bea5096ff3e9183d4a6ae813 Request headers Accept application/json, text/plain, */* Referer https://portal.garciastaxservice.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Content-Type application/json Response headers Date Thu, 28 Apr 2022 14:26:34 GMT Server nginx/1.20.0 X-Powered-By Express ETag W/"138-pFlNDvA1LatBSRQHs0SvxAbzitw" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 312
OPTIONS H/1.1	204 No Content	branding api.taxaroo.com/whitelabel/ Frame	0 0	556ms 100ms	Preflight	52.22.46.2 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.taxaroo.com/whitelabel/branding Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.22.46.2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-22-46-2.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers content-type Access-Control-Request-Method POST Origin https://portal.garciastaxservice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Access-Control-Allow-Headers content-type Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin * Connection keep-alive Content-Length 0 Date Thu, 28 Apr 2022 14:26:34 GMT Server nginx/1.20.0 Vary Access-Control-Request-Headers X-Powered-By Express
GET H/1.1	200 OK	logout Show response app.taxaroo.com/	2 B 728 B	120ms 119ms	XHR text/plain	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Requested by Host: clients.taxaroo.com URL: https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://portal.garciastaxservice.com/ x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 14:26:34 GMT Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff Server nginx/1.20.0 ETag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" X-Download-Options noopen X-Frame-Options SAMEORIGIN Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://portal.garciastaxservice.com Access-Control-Allow-Credentials true Connection keep-alive Vary Origin, Accept-Encoding Content-Length 2 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	undefined.png Show response api.taxaroo.com/files/2294/logo/preparers/9bed3ff2-9d83-4dba-a1df-65004a4dbbe3/undefined/preparer/logo/	295 B 563 B	171ms 171ms	XHR application/json	52.22.46.2 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.taxaroo.com/files/2294/logo/preparers/9bed3ff2-9d83-4dba-a1df-65004a4dbbe3/undefined/preparer/logo/undefined.png Requested by Host: clients.taxaroo.com URL: https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.22.46.2 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-22-46-2.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash c5d4b09017ef39701877a9d320137fb2d1f21539ea01a987cfad0f888720131b Request headers Accept application/json, text/plain, */* Referer https://portal.garciastaxservice.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 14:26:34 GMT Server nginx/1.20.0 X-Powered-By Express ETag W/"127-qidF0gAQYLGHZoGLrnzYGHNG340" Content-Type application/json; charset=utf-8 Access-Control-Allow-Origin * Connection keep-alive Content-Length 295
OPTIONS H/1.1	204 No Content	logout app.taxaroo.com/ Frame	0 0	110ms 109ms	Preflight	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://portal.garciastaxservice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers x-requested-with Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://portal.garciastaxservice.com Connection keep-alive Content-Length 0 Date Thu, 28 Apr 2022 14:26:34 GMT Server nginx/1.20.0 Vary Origin, Access-Control-Request-Headers X-Powered-By Express
OPTIONS H/1.1	204 No Content	logout app.taxaroo.com/ Frame	0 0	99ms 99ms	Preflight	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://portal.garciastaxservice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers x-requested-with Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://portal.garciastaxservice.com Connection keep-alive Content-Length 0 Date Thu, 28 Apr 2022 14:26:34 GMT Server nginx/1.20.0 Vary Origin, Access-Control-Request-Headers X-Powered-By Express
GET H/1.1	200 OK	logout Show response app.taxaroo.com/	2 B 728 B	126ms 126ms	XHR text/plain	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Requested by Host: clients.taxaroo.com URL: https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://portal.garciastaxservice.com/ x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 14:26:34 GMT Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff Server nginx/1.20.0 ETag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" X-Download-Options noopen X-Frame-Options SAMEORIGIN Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://portal.garciastaxservice.com Access-Control-Allow-Credentials true Connection keep-alive Vary Origin, Accept-Encoding Content-Length 2 X-XSS-Protection 1; mode=block
GET H/1.1	200 OK	undefined.png taxaroo1.s3.amazonaws.com/preparers/9bed3ff2-9d83-4dba-a1df-65004a4dbbe3/undefined/preparer/logo/	19 KB 19 KB	659ms 172ms	Image image/png	54.231.165.129 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://taxaroo1.s3.amazonaws.com/preparers/9bed3ff2-9d83-4dba-a1df-65004a4dbbe3/undefined/preparer/logo/undefined.png?AWSAccessKeyId=AKIAVS7FB4XQQI4DHQGP&Expires=1651156004&Signature=wb%2FRsaC4FZzVYXyE4cY6NZvoMPg%3D&response-content-disposition=inline%3Bfilename%3D%22GarciaTax.png%22 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.231.165.129 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash dee98500038ab62f3c376a441cc48d82373ed5ac693d91b5393269a50314d2b7 Request headers accept-language de-DE,de;q=0.9 Referer https://portal.garciastaxservice.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers x-amz-server-side-encryption AES256 x-amz-meta-original-file-name GarciaTax.png Date Thu, 28 Apr 2022 14:26:36 GMT Last-Modified Sat, 18 Dec 2021 22:11:14 GMT Server AmazonS3 x-amz-request-id 02R59K0875KZZ4DS ETag "d7457ed632303934dc23d58e5608519c" x-amz-version-id m_UZqkEYzqT_.79NMzSEigz5NS_xdVpX Content-Disposition inline;filename="GarciaTax.png" Accept-Ranges bytes Content-Type image/png Content-Length 19355 x-amz-id-2 00/9/wIW+Ey/0E1UbEQVekM5gbmH6i33e5WkJ0/tXbOrbrw8hnVZHjxIXG9DAt2EJl/n0WE8Dss=
GET H/1.1	200 OK	logout Show response app.taxaroo.com/	2 B 728 B	123ms 122ms	XHR text/plain	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Requested by Host: clients.taxaroo.com URL: https://clients.taxaroo.com/static/js/2.c6961973.chunk.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Resource Hash 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3 Security Headers Name Value Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/plain, */* Referer https://portal.garciastaxservice.com/ x-requested-with XMLHttpRequest accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Date Thu, 28 Apr 2022 14:26:34 GMT Strict-Transport-Security max-age=31536000000; includeSubDomains; preload X-Content-Type-Options nosniff Server nginx/1.20.0 ETag W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc" X-Download-Options noopen X-Frame-Options SAMEORIGIN Content-Type text/plain; charset=utf-8 Access-Control-Allow-Origin https://portal.garciastaxservice.com Access-Control-Allow-Credentials true Connection keep-alive Vary Origin, Accept-Encoding Content-Length 2 X-XSS-Protection 1; mode=block
OPTIONS H/1.1	204 No Content	logout app.taxaroo.com/ Frame	0 0	100ms 100ms	Preflight	34.193.78.37 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://app.taxaroo.com/logout?isOldClientSession=true Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.193.78.37 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-193-78-37.compute-1.amazonaws.com Software nginx/1.20.0 / Express Resource Hash Request headers Accept */* Access-Control-Request-Headers x-requested-with Access-Control-Request-Method GET Origin https://portal.garciastaxservice.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 Response headers Access-Control-Allow-Credentials true Access-Control-Allow-Headers x-requested-with Access-Control-Allow-Methods GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Origin https://portal.garciastaxservice.com Connection keep-alive Content-Length 0 Date Thu, 28 Apr 2022 14:26:34 GMT Server nginx/1.20.0 Vary Origin, Access-Control-Request-Headers X-Powered-By Express

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| gapi object| ___jsl object| __webpackStripeJSv3Jsonp function| Stripe object| webpackJsonptaxaroo-clients object| __SENTRY__ object| regeneratorRuntime object| __SECRET_EMOTION__ function| Pusher function| saveAs object| __ARTC__ object| __localeData__

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.stripe.com/	1970-01-20 20:10:27	Name: m Value: 926b7375-7b80-4efd-b816-50b3a80bc61313838e
			.portal.garciastaxservice.com/	1970-01-20 11:24:51	Name: __stripe_mid Value: 9e0ba1bf-2cf0-44b1-9494-0924e9839699fdd58e
			.portal.garciastaxservice.com/	1970-01-20 02:39:17	Name: __stripe_sid Value: 81d1c973-c225-4c11-823a-82a0b88c51b765e17a
			app.taxaroo.com/	1970-01-20 02:43:35	Name: connect.sid Value: s%3AJNphRHGY13VRzzj_3RKh8bv6DIgqj6ri.rEZ33EA7gpE55TkH2dDZ1VTt5Pg6qepjAghcrIfD828

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.taxaroo.com
apis.google.com
app.taxaroo.com
clients.taxaroo.com
js.stripe.com
m.stripe.com
m.stripe.network
portal.garciastaxservice.com
q.stripe.com
r.stripe.com
taxaroo1.s3.amazonaws.com
151.101.64.176
18.66.2.118
2600:9000:225a:a400:a:af64:6c80:93a1
2a00:1450:4001:813::200e
34.193.78.37
35.162.3.11
52.22.46.2
54.186.23.98
54.187.159.182
54.231.165.129
1402fe43c86f3346d9d90bdd3f97d19a137b2fc17a1480923599fd44d19816e1
1ab146158945444820fd4d7f7f538a921732149d6a4f7818f58301e1734c5fcc
20353c3bad3ee3e9385b00a0b4f328946501444b888fef485d4ec05fb5c9c5da
24e5693874dbd66ac2024c005d2542546b5dedd5bea5096ff3e9183d4a6ae813
3c517dcb77f89332b58a2c26ed6ea80e8b40b02d11e25659c5d09736389c1ded
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
9522e038ac9ed7ee977ede1660efe457eec918fc9305b663e207ae860a45c018
990a970d0b13f02acfecc901ef01c6d8fd87b05fbb7173e2a1ecb5ffbc3ef514
a112f8f0717d42ab09edf17e6583b29dc651b7cda4b474e413a3558d0f16ad67
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a7cfe4a1a276a0ceb0fda6a6ca3f960eb05434d6627a53c7bcc4ff8cc8246d41
a901d90ba255bf03338f50786eb7f56033a915131982e08ab8473e4817105adb
aef24cb9adefb156f67ce5d1ac88e2c82a1eb773c6a5f25912441548cb54a960
c5d4b09017ef39701877a9d320137fb2d1f21539ea01a987cfad0f888720131b
cc3b065a88f20c7fb90c011500f46afe988f9a41c87c1fd2bed843ba42337861
dee98500038ab62f3c376a441cc48d82373ed5ac693d91b5393269a50314d2b7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc4d4d00fa51a05dd32c9a6aabe1c08c9792d59fffd4c1119cc2ef223ac184d
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f84cd6222d2dc1ae1b7cdbf1147052f90a263312031e9f59d9bb15d3c053b145