urlscan.io logo urlscan.io
SecurityTrails logo

gctaxhelp.com Open in urlscan Pro
34.205.42.6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://m00pfj9dhz.freedomsoftsites.com/
Effective URL: https://gctaxhelp.com/
Submission: On July 13 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 8 domains to perform 24 HTTP transactions. The main IP is 34.205.42.6, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is gctaxhelp.com.
TLS certificate: Issued by R3 on July 13th 2023. Valid for: 3 months.
This is the only time gctaxhelp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 34.205.42.6 14618 (AMAZON-AES)
3 13.225.231.123 16509 (AMAZON-02)
5 52.216.114.117 16509 (AMAZON-02)
1 2 54.211.103.28 14618 (AMAZON-AES)
2 162.159.138.60 13335 (CLOUDFLAR...)
8 146.75.34.109 54113 (FASTLY)
3 2607:f8b0:400... 15169 (GOOGLE)
1 34.120.202.204 396982 (GOOGLE-CL...)
24 8
2    34.205.42.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-42-6.compute-1.amazonaws.com
m00pfj9dhz.freedomsoftsites.com
gctaxhelp.com
3    13.225.231.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-231-123.jfk51.r.cloudfront.net
ddazrdkhbg01e.cloudfront.net
5    52.216.114.117 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    54.211.103.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-103-28.compute-1.amazonaws.com
my.freedomsoft.com
2    162.159.138.60 (None, )

ASN13335 (CLOUDFLARENET, US)
player.vimeo.com
vimeo.com
8    146.75.34.109 (Ashburn, United States)

ASN54113 (FASTLY, US)
f.vimeocdn.com
i.vimeocdn.com
3    2607:f8b0:4006:824::2003 (Flushing, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    34.120.202.204 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
Apex Domain
Subdomains		 Transfer
9 vimeocdn.com
f.vimeocdn.com — Cisco Umbrella Rank: 3676
i.vimeocdn.com — Cisco Umbrella Rank: 3598
fresnel.vimeocdn.com — Cisco Umbrella Rank: 3683
297 KB
5 amazonaws.com
s3.amazonaws.com
2 MB
3 gstatic.com
www.gstatic.com
30 KB
3 cloudfront.net
ddazrdkhbg01e.cloudfront.net
565 KB
2 vimeo.com
player.vimeo.com — Cisco Umbrella Rank: 2033
vimeo.com — Cisco Umbrella Rank: 1887
10 KB
2 freedomsoft.com
my.freedomsoft.com
4 KB
1 gctaxhelp.com
gctaxhelp.com
4 KB
1 freedomsoftsites.com
m00pfj9dhz.freedomsoftsites.com
243 B
24 8
Domain Requested by
5 s3.amazonaws.com gctaxhelp.com
4 i.vimeocdn.com player.vimeo.com
gctaxhelp.com
f.vimeocdn.com
4 f.vimeocdn.com player.vimeo.com
3 www.gstatic.com f.vimeocdn.com
www.gstatic.com
3 ddazrdkhbg01e.cloudfront.net gctaxhelp.com
2 my.freedomsoft.com 1 redirects gctaxhelp.com
1 vimeo.com f.vimeocdn.com
1 fresnel.vimeocdn.com f.vimeocdn.com
1 player.vimeo.com gctaxhelp.com
1 gctaxhelp.com
1 m00pfj9dhz.freedomsoftsites.com 1 redirects
24 11

This site contains links to these domains. Also see Links.

Domain
www.freedomsoft.com
Subject Issuer Validity Valid
gctaxhelp.com
R3		 2023-07-13 -
2023-10-11		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2023-04-11 -
2023-12-20		 8 months crt.sh
*.freedomsoft.com
Amazon RSA 2048 M01		 2023-03-24 -
2024-04-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-01 -
2024-02-29		 a year crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-18 -
2024-03-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2023-05-17 -
2023-08-15		 3 months crt.sh
vimeo.com
Cloudflare Inc ECC CA-3		 2022-09-21 -
2023-09-20		 a year crt.sh

This page contains 2 frames:

Primary Page: https://gctaxhelp.com/
Frame ID: EAC6D6BFA5F72F0B06C972CE8E903C20
Requests: 10 HTTP requests in this frame

Frame: https://player.vimeo.com/video/470210023?h=24a7e77f5d&badge=0&autopause=0&player_id=0&app_id=58479
Frame ID: 5CF7679FEEDF579E25BCCD6592DFFDA4
Requests: 14 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Greater Cleveland Tax Help Welcome Page

Page URL History Show full URLs

  1. https://m00pfj9dhz.freedomsoftsites.com/ HTTP 302
    https://gctaxhelp.com/ Page URL

Page Statistics

24
Requests

96 %
HTTPS

13 %
IPv6

8
Domains

11
Subdomains

8
IPs

2
Countries

3117 kB
Transfer

4080 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://m00pfj9dhz.freedomsoftsites.com/ HTTP 302
    https://gctaxhelp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://my.freedomsoft.com/forms/public.js HTTP 302
  • https://ddazrdkhbg01e.cloudfront.net/assets/forms-d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3.js

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
gctaxhelp.com/
Redirect Chain
  • https://m00pfj9dhz.freedomsoftsites.com/
  • https://gctaxhelp.com/
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gctaxhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.205.42.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-42-6.compute-1.amazonaws.com
Software
nginx/1.17.6 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4
Resource Hash
28534d87a0494dab59ec5ac2ddb91eecfa99b84e79321b46809ba812eea079ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Thu, 13 Jul 2023 06:33:26 GMT
ETag
W/"28534d87a0494dab59ec5ac2ddb91eec"
Link
<https://gctaxhelp.com/>; rel="canonical"
Referrer-Policy
strict-origin-when-cross-origin
Server
nginx/1.17.6 + Phusion Passenger 6.0.4
Status
200 OK
Strict-Transport-Security
max-age=31536000; includeSubDomains
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Download-Options
noopen
X-Frame-Options
SAMEORIGIN
X-Permitted-Cross-Domain-Policies
none
X-Powered-By
Phusion Passenger 6.0.4
X-Request-Id
dd9c66e8-2b04-4332-bd6d-1c2f339cbab5
X-Runtime
0.016075
X-XSS-Protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
14
Date
Thu, 13 Jul 2023 06:33:25 GMT
Location
https://gctaxhelp.com/
Server
nginx/1.17.6 + Phusion Passenger 6.0.4
Status
302 Found
X-Powered-By
Phusion Passenger 6.0.4
theme-224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348.css
ddazrdkhbg01e.cloudfront.net/assets/websites/ 		8 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ddazrdkhbg01e.cloudfront.net/assets/websites/theme-224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348.css
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.231.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-231-123.jfk51.r.cloudfront.net
Software
nginx/1.17.6 /
Resource Hash
224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:00:34 GMT
content-encoding
gzip
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
last-modified
Mon, 23 Dec 2019 17:07:37 GMT
server
nginx/1.17.6
x-amz-cf-pop
JFK51-C1
age
59571
etag
W/"5e00f459-1f5f"
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
JcCKVjpTcZeajmk2fjQXAhx82kVZWinwVrNi0d4QuFX1-1CR_33hYA==
sites-10656d822ce7bd34ec591c97eb804b7800632484b409a3bdabc396b2c815f854.js
ddazrdkhbg01e.cloudfront.net/assets/ 		474 KB
475 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddazrdkhbg01e.cloudfront.net/assets/sites-10656d822ce7bd34ec591c97eb804b7800632484b409a3bdabc396b2c815f854.js
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.231.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-231-123.jfk51.r.cloudfront.net
Software
nginx/1.17.6 /
Resource Hash
10656d822ce7bd34ec591c97eb804b7800632484b409a3bdabc396b2c815f854

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 16:50:23 GMT
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 22:47:17 GMT
server
nginx/1.17.6
x-amz-cf-pop
JFK51-C1
age
49383
etag
"6376b9f5-7688a"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
485514
x-amz-cf-id
bP3zMU3C0H4gPU9J5yVVZlDIwjIkBZV_pueKcUqelvJYSKfwiG30xw==
Kristin.png
s3.amazonaws.com/com.freedomsoft.production/site/media/files/159740/original/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.freedomsoft.production/site/media/files/159740/original/Kristin.png
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.114.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
412d043194097892b57d7a021647becc74d76232a80b1231613262d6046ca0b1

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 06:33:28 GMT
Last-Modified
Wed, 12 Jul 2023 20:49:17 GMT
Server
AmazonS3
x-amz-request-id
0X1KSM9CYXGXPKH7
ETag
"d21a49c79784e087a649a0f5d78036ce"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
73177
x-amz-id-2
s53GoRjLmFUI3gXIADsI4pNpzt/0SokOv0CB2WRIAb+qWp6LiKy7bIyTrk5I65b6fQVZJ0ZeR6Q=
fs_img1.jpeg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/159721/original/ 		216 KB
216 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.freedomsoft.production/site/media/files/159721/original/fs_img1.jpeg
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.114.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b107d6b1845e2d91e95a2ce1cc8a6f960972173e3f0a981aa16b7fd7ffd7dd2d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 06:33:28 GMT
Last-Modified
Wed, 12 Jul 2023 20:47:40 GMT
Server
AmazonS3
x-amz-request-id
0X1HHEPGJSZFXM53
ETag
"02113f936a290f3f2037babb4c3e90a0"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
220829
x-amz-id-2
5b/fP4hR5G4GUky+csENqtP/JF7JyrpaQRPMH7xnDrGlO7ovK6MG5aezq118v7xDlPvdTQgvZGk=
fs_img_2.jpeg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/159722/original/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.freedomsoft.production/site/media/files/159722/original/fs_img_2.jpeg
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.114.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
061881f9e26a2b78510135063e07fda8919739a8ab227caf69eff759abf7032b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 06:33:28 GMT
Last-Modified
Wed, 12 Jul 2023 20:47:40 GMT
Server
AmazonS3
x-amz-request-id
0X1ZEHCK3SSSCFAP
ETag
"832f4cda23cab4d3f9844cb47646d33f"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
47619
x-amz-id-2
luycD8YHrRVUc/5bPfhZl/BE8HOI9kWkyHanFbJMUsdASShVsjEdz4TurcrSZjgw4+kIi74ESms=
fs_img_3.jpeg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/159723/original/ 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.freedomsoft.production/site/media/files/159723/original/fs_img_3.jpeg
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.114.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
4f391782eb0ab821b8bdaa1e4d3f81b318a1eeb1412898e55bfde8bf6c163173

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 06:33:28 GMT
Last-Modified
Wed, 12 Jul 2023 20:47:40 GMT
Server
AmazonS3
x-amz-request-id
0X1ZSZPAYXMS1K7T
ETag
"b5c3248a15bcb1e923536a2f75d43301"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
72665
x-amz-id-2
T5Jt2uyt6Y+mchpH4hAV9OBjOqzzxDOix6feiS2jnjOkRWT7FatQFCuyJJr2ZjxKhH9Uf2aAVu8=
ADAActoyhvI5eg.js
my.freedomsoft.com/forms/public/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my.freedomsoft.com/forms/public/ADAActoyhvI5eg.js
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.103.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-103-28.compute-1.amazonaws.com
Software
nginx/1.17.6 + Phusion Passenger 6.0.4 / Phusion Passenger 6.0.4
Resource Hash
ffdcf307d432a13d21055d016f7300f36e1c2f13b8e59f77a7165791513128cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:33:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.4
status
200 OK
x-xss-protection
1; mode=block
x-request-id
a9f3adc2-95a8-4ae4-b283-aa3a761b1b76
pragma
no-cache
x-runtime
0.017454
referrer-policy
strict-origin-when-cross-origin
x-pjax-version
1dd5866da125c9058b5c7f7edc25a3b1417c5d6942c7900d00ecd89919f2617d127e6c1db881e30480bae41c47e800832b2251362f54e371dc1060d0093e7159d1b6db6f46fde7d7f37f308cb1a5a19ecfd2f8e9ba59b450c97f3f371401a823
server
nginx/1.17.6 + Phusion Passenger 6.0.4
etag
W/"ffdcf307d432a13d21055d016f7300f3"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT
470210023
player.vimeo.com/video/ Frame 5CF7 		21 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/470210023?h=24a7e77f5d&badge=0&autopause=0&player_id=0&app_id=58479
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9c29db06114116784e47bd8e3e9f13cfe750368fc947f0616c2821f6a5fc1c5
Security Headers
Name Value
Content-Security-Policy default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://gctaxhelp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Age
0
CF-Cache-Status
DYNAMIC
CF-RAY
7e5f7e9b7ff12594-MIA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Thu, 13 Jul 2023 06:33:27 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
Via
1.1 varnish
X-Cache
MISS
X-Cache-Hits
0
X-Served-By
cache-mia-kmia1760046-MIA
X-Timer
S1689230008.609145,VS0,VE70
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy
default-src 'none'; script-src 'self' 'unsafe-inline' https://*.vimeocdn.com 'unsafe-eval' blob: resource: https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://cdn.kollective.app/ https://wirewax.s3.eu-west-1.amazonaws.com https://edge-assets.wirewax.com https://embedder-sdk.wirewax.com https://embedder-sdk.wirewax.tv; style-src 'self' 'unsafe-inline' https://*.vimeocdn.com https://fonts.googleapis.com https://edge-assets.wirewax.com; connect-src 'self' ws: wss: https://vimeo.com https://api.vimeo.com https://csi.gstatic.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://*.dna-delivery.com https://*.kollective.app https://*.kollective.app:31015 https://*.kollectivecd.com https://*.hivestreaming.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://*.wirewax.tv https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com https://sqs.eu-west-1.amazonaws.com https://s3-eu-west-1.amazonaws.com https://cognito-identity.us-east-1.amazonaws.com https://cognito-identity.eu-west-1.amazonaws.com; font-src data: https://edge-assets.wirewax.com https://fonts.gstatic.com https://player.vimeo.com; img-src 'self' data: https://player.vimeo.com https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://*.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://*.ci.vimeows.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://edge-assets.wirewax.com https://maps.googleapis.com android-webview-video-poster:; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com; frame-src 'self' https://*; report-uri /_csp
expires
Fri, 15 Dec 1985 19:30:00 GMT
link
<https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-backend-server
player-backend-edge-entry
x-bapp-server
player-backend-544cb6dc9f-kn59f
x-content-type-options
nosniff
x-host
player-backend-544cb6dc9f-kn59f
x-player-backend
g
x-xss-protection
1; mode=block
forms-d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3.js
ddazrdkhbg01e.cloudfront.net/assets/
Redirect Chain
  • https://my.freedomsoft.com/forms/public.js
  • https://ddazrdkhbg01e.cloudfront.net/assets/forms-d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3.js
87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ddazrdkhbg01e.cloudfront.net/assets/forms-d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3.js
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
H2
Server
13.225.231.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-231-123.jfk51.r.cloudfront.net
Software
nginx/1.17.6 /
Resource Hash
d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 11:05:20 GMT
via
1.1 2e7e64e85275c7c3d580e9eab0385c02.cloudfront.net (CloudFront)
last-modified
Mon, 08 Mar 2021 21:32:44 GMT
server
nginx/1.17.6
x-amz-cf-pop
JFK51-C1
age
70087
etag
"604697fc-15cb8"
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
89272
x-amz-cf-id
l0RBQslJby1-EShgshcj0IUhM6m_J9-UgN8oXgKlH7H5d07YLYFODg==

Redirect headers

date
Thu, 13 Jul 2023 06:33:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-powered-by
Phusion Passenger 6.0.4
status
302 Found
x-xss-protection
1; mode=block
x-request-id
9b378e2a-dc2e-4a0d-b20c-702225aab069
pragma
no-cache
x-runtime
0.002516
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.6 + Phusion Passenger 6.0.4
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
location
//ddazrdkhbg01e.cloudfront.net/assets/forms-d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3.js
cache-control
no-cache, no-store
expires
Thu, 01 Jan 1970 00:00:00 GMT
blurred-conference-room-background2.jpg
s3.amazonaws.com/com.freedomsoft.production/site/media/files/159729/original/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/com.freedomsoft.production/site/media/files/159729/original/blurred-conference-room-background2.jpg
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.114.117 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
852a0ed8c8530ea2ea4c594cf3e64112203a22ef42c68da9780bc8120c08f925

Request headers

accept-language
en-US,en;q=0.9
Referer
https://gctaxhelp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Thu, 13 Jul 2023 06:33:28 GMT
Last-Modified
Wed, 12 Jul 2023 20:47:41 GMT
Server
AmazonS3
x-amz-request-id
0X1S92PXBZBBP4F1
ETag
"c084cc5ec48f59f866ce625e1bfe2388"
x-amz-server-side-encryption
AES256
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
1843976
x-amz-id-2
UYm5RgYVBoZRtFihar5mokHqpLv1fl4ER/KoW5/+BvcHsWJYtrz6Q9w5fSwoa3XAJ0fvMVJyHZs=
player.module.js
f.vimeocdn.com/p/4.24.13/js/ Frame 5CF7 		517 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.24.13/js/player.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/470210023?h=24a7e77f5d&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cedc131e8dd0e97e76357f04779c7adc7aa87283b3a24a1210b6ef89ec04732f

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100098-IAD
date
Thu, 13 Jul 2023 06:33:27 GMT
content-encoding
br
via
1.1 varnish
age
32568
x-timer
S1689230008.911790,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
127189
x-cache-hits
3650
vendor.module.js
f.vimeocdn.com/p/4.24.13/js/ Frame 5CF7 		395 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.24.13/js/vendor.module.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/470210023?h=24a7e77f5d&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1acca90963a0895f09b6d76f440dc9168ab1d4c13260eee938056e992105376e

Request headers

Referer
https://player.vimeo.com/
Origin
https://player.vimeo.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100098-IAD
date
Thu, 13 Jul 2023 06:33:27 GMT
content-encoding
br
via
1.1 varnish
age
32568
x-timer
S1689230008.911778,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
97707
x-cache-hits
3812
player.css
f.vimeocdn.com/p/4.24.13/css/ Frame 5CF7 		207 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/4.24.13/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/470210023?h=24a7e77f5d&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7ce3d2adfdca34cc141dc6fc2f4a3db16f05caad3f1d0ea616a47aef3b053efe

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100115-IAD
date
Thu, 13 Jul 2023 06:33:27 GMT
content-encoding
br
via
1.1 varnish
age
32569
x-timer
S1689230008.911964,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21544
x-cache-hits
4014
978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d.jpg
i.vimeocdn.com/video/ Frame 5CF7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/470210023?h=24a7e77f5d&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70b65be30dc7952e000866f425c5bb49255e1b797b5a8b1a584e5b1e135688d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:33:27 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
2560466
x-viewmaster-lossless-format
lossy
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1692
viewmaster-server
viewmaster-us-central1-ccnr
x-served-by
cache-dfw-kdfw8210123-DFW, cache-iad-kjyo7100152-IAD
x-timer
S1689230008.912946,VS0,VE2
etag
5e360847ae9ab9a9dde7ef046360511c
access-control-max-age
86400
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
175, 1
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame 5CF7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/470210023?h=24a7e77f5d&badge=0&autopause=0&player_id=0&app_id=58479
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

x-served-by
cache-iad-kjyo7100115-IAD
date
Thu, 13 Jul 2023 06:33:28 GMT
content-encoding
gzip
via
1.1 varnish
age
1561621
x-timer
S1689230008.332632,VS0,VE0
vary
Accept-Encoding,x-http-method-override
x-cache
HIT
content-type
application/javascript
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
content-length
985
x-cache-hits
142158
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 5CF7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.13/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:33:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 13 Jul 2023 06:33:28 GMT
978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d
i.vimeocdn.com/video/ Frame 5CF7 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d?mw=800&mh=450
Requested by
Host: gctaxhelp.com
URL: https://gctaxhelp.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3dc36a922c51f2a42bb5a1f3f4d89e83a8e5e0bf6f097524d980266518fa0a13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:33:28 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
809381
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
25971
viewmaster-server
viewmaster-us-central1-j14g
x-served-by
cache-dfw-kdfw8210021-DFW, cache-iad-kjyo7100152-IAD
x-timer
S1689230008.442288,VS0,VE4
etag
b7920a2a32738b76608cf4839d7800d5
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
147, 1
player-stats
fresnel.vimeocdn.com/add/ Frame 5CF7 		0
143 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=f91074c000961b2d6f10c4cb9257b703a7950d2b1689230007
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.13/js/vendor.module.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Thu, 13 Jul 2023 06:33:28 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
vuid
vimeo.com/ablincoln/ Frame 5CF7 		0
900 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=f91074c000961b2d6f10c4cb9257b703a7950d2b1689230007
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

expires
Wed, 12 Jul 2023 18:33:28 GMT
Date
Thu, 13 Jul 2023 06:33:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
CF-Cache-Status
DYNAMIC
Via
1.1 varnish, 1.1 varnish
content-security-policy-report-only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
x-xss-protection
1; mode=block
X-Served-By
cache-iad-kiad7000116-IAD, cache-mia-kmia1760038-MIA
x-ua-compatible
IE=edge
x-vimeo-device
d
Server
cloudflare
X-Timer
S1689230009.598163,VS0,VE62
x-backend-proxy
webproxy17
x-frame-options
sameorigin
Vary
User-Agent
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-bapp-server
pweb-bdf98464-6g7nz
Accept-Ranges
bytes
CF-RAY
7e5f7ea1ab6b287a-MIA
X-Cache-Hits
0, 0
978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d
i.vimeocdn.com/video/ Frame 5CF7 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d?mw=800&mh=450
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3dc36a922c51f2a42bb5a1f3f4d89e83a8e5e0bf6f097524d980266518fa0a13

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:33:28 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
809381
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
25971
viewmaster-server
viewmaster-us-central1-j14g
x-served-by
cache-dfw-kdfw8210021-DFW, cache-iad-kjyo7100152-IAD
x-timer
S1689230009.589095,VS0,VE0
etag
b7920a2a32738b76608cf4839d7800d5
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
147, 2
978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d.jpg
i.vimeocdn.com/video/ Frame 5CF7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/978712683-9334a97763d0f03b72c6ebba1dc954a7b9e0a33a140317d688e2febf96ff48e3-d.jpg?mw=80&q=85
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/4.24.13/js/vendor.module.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.34.109 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
70b65be30dc7952e000866f425c5bb49255e1b797b5a8b1a584e5b1e135688d5

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:33:28 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
2560467
x-viewmaster-lossless-format
lossy
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
1692
viewmaster-server
viewmaster-us-central1-ccnr
x-served-by
cache-dfw-kdfw8210123-DFW, cache-iad-kjyo7100152-IAD
x-timer
S1689230009.671212,VS0,VE0
etag
5e360847ae9ab9a9dde7ef046360511c
access-control-max-age
86400
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
175, 2
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 5CF7 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 06:33:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Thu, 13 Jul 2023 06:33:29 GMT
cast_sender.js
www.gstatic.com/eureka/clank/114/ Frame 5CF7 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/114/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:824::2003 Flushing, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 12 Jul 2023 14:16:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58645
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15225
x-xss-protection
0
last-modified
Mon, 17 Apr 2023 15:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 13 Jul 2023 14:16:04 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend function| $ function| jQuery object| Colors function| currencyFormat function| module function| uniqueId function| commaize function| numberToCurrency function| constructorName function| stubDate object| image_paths function| image_path function| image_url object| Observations object| Sites object| formHelper

3 Cookies

Domain/Path Name / Value
gctaxhelp.com/ Name: timezone
Value: 0
.vimeo.com/ Name: __cf_bm
Value: ugrDvzUcp_CYmcgPNwa6ue7qOPnS69_fJkUwsEcwKTM-1689230007-0-AbEsr+bEF2kXuDu7l9Tcq9z6WWlMrPYEF9eQUhQ6cgB4id6atxCpCVerdnc5AH4Ckh3A+sVCks1vXcmTTcijhF0=
.vimeo.com/ Name: vuid
Value: pl2052426892.249317056

1 Console Messages

Source Level URL
Text
other warning URL: https://gctaxhelp.com/(Line 136)
Message:
Allow attribute will take precedence over 'allowfullscreen'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ddazrdkhbg01e.cloudfront.net
f.vimeocdn.com
fresnel.vimeocdn.com
gctaxhelp.com
i.vimeocdn.com
m00pfj9dhz.freedomsoftsites.com
my.freedomsoft.com
player.vimeo.com
s3.amazonaws.com
vimeo.com
www.gstatic.com
13.225.231.123
146.75.34.109
162.159.138.60
2607:f8b0:4006:824::2003
34.120.202.204
34.205.42.6
52.216.114.117
54.211.103.28
061881f9e26a2b78510135063e07fda8919739a8ab227caf69eff759abf7032b
10656d822ce7bd34ec591c97eb804b7800632484b409a3bdabc396b2c815f854
184de53a881ec8e4e218974c548e2fc8e0da4b8ddaff2e7bdc6267c6e70a8636
1acca90963a0895f09b6d76f440dc9168ab1d4c13260eee938056e992105376e
224904b3e10454f8fda1cac755b84c09efae64bfbbc3a36c8c47ebc8ab43a348
28534d87a0494dab59ec5ac2ddb91eecfa99b84e79321b46809ba812eea079ab
3dc36a922c51f2a42bb5a1f3f4d89e83a8e5e0bf6f097524d980266518fa0a13
412d043194097892b57d7a021647becc74d76232a80b1231613262d6046ca0b1
4f391782eb0ab821b8bdaa1e4d3f81b318a1eeb1412898e55bfde8bf6c163173
70b65be30dc7952e000866f425c5bb49255e1b797b5a8b1a584e5b1e135688d5
7ce3d2adfdca34cc141dc6fc2f4a3db16f05caad3f1d0ea616a47aef3b053efe
852a0ed8c8530ea2ea4c594cf3e64112203a22ef42c68da9780bc8120c08f925
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
b107d6b1845e2d91e95a2ce1cc8a6f960972173e3f0a981aa16b7fd7ffd7dd2d
c051b8b5eb2a0aef699780f15a449491868faa6f8b39b684b5ae8f64f345b94a
c9c29db06114116784e47bd8e3e9f13cfe750368fc947f0616c2821f6a5fc1c5
cedc131e8dd0e97e76357f04779c7adc7aa87283b3a24a1210b6ef89ec04732f
d430586839d884c47ce09b4259a4dbd0fe57f3b274d1d8edf54b2929398d57f3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ffdcf307d432a13d21055d016f7300f36e1c2f13b8e59f77a7165791513128cc