efile1099now.efile1.com Open in urlscan Pro
40.79.154.192 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Submission Tags: falconsandbox
Submission: On October 10 via api (October 10th 2021, 9:24:18 pm UTC) from US — Scanned from DE

Summary HTTP 47 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 12 IPs in 4 countries across 10 domains to perform 47 HTTP transactions. The main IP is 40.79.154.192, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is efile1099now.efile1.com.
TLS certificate: Issued by GeoTrust TLS RSA CA G1 on September 20th 2019. Valid for: 2 years.

This is the only time efile1099now.efile1.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	40.79.154.192 40.79.154.192	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.184.234 142.250.184.234	15169 (GOOGLE) (GOOGLE)
1	104.16.114.53 104.16.114.53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
1	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1	18.66.112.119 18.66.112.119	16509 (AMAZON-02) (AMAZON-02)
1	35.201.112.186 35.201.112.186	15169 (GOOGLE) (GOOGLE)
5	104.111.238.11 104.111.238.11	16625 (AKAMAI-AS) (AKAMAI-AS)
3	142.250.185.163 142.250.185.163	15169 (GOOGLE) (GOOGLE)
11	93.184.220.42 93.184.220.42	15133 (EDGECAST) (EDGECAST)
4	34.96.127.16 34.96.127.16	15169 (GOOGLE) (GOOGLE)
47	12

12 40.79.154.192 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

efile1099now.efile1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adminapi.formstax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
excaliburapi.formstax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.114.53 (None, )

ASN13335 (CLOUDFLARENET, US)

js.recurly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.119 (United States)

ASN16509 (AMAZON-02, US)

cdn.pendo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.112.186 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 186.112.201.35.bc.googleusercontent.com

edge.fullstory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.238.11 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-238-11.deploy.static.akamaitechnologies.com

cdn.formstax.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 93.184.220.42 (London, United Kingdom)

ASN15133 (EDGECAST, US)

static.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.96.127.16 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 16.127.96.34.bc.googleusercontent.com

nrpc.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
log.olark.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	olark.com static.olark.com nrpc.olark.com api.olark.com log.olark.com	637 KB
11	formstax.com adminapi.formstax.com excaliburapi.formstax.com cdn.formstax.com	64 KB
6	efile1.com efile1099now.efile1.com	2 MB
3	gstatic.com fonts.gstatic.com	51 KB
2	googleapis.com fonts.googleapis.com	2 KB
1	fullstory.com edge.fullstory.com rs.fullstory.com Failed	64 KB
1	pendo.io cdn.pendo.io app.pendo.io Failed	134 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	googletagmanager.com www.googletagmanager.com	57 KB
1	recurly.com js.recurly.com	71 KB
47	10

	Domain	Requested by
11	static.olark.com	efile1099now.efile1.com static.olark.com
6	efile1099now.efile1.com	efile1099now.efile1.com
5	cdn.formstax.com
4	excaliburapi.formstax.com	efile1099now.efile1.com
3	fonts.gstatic.com	fonts.googleapis.com
2	log.olark.com
2	adminapi.formstax.com	efile1099now.efile1.com
2	fonts.googleapis.com	efile1099now.efile1.com
1	api.olark.com	static.olark.com
1	nrpc.olark.com	static.olark.com
1	edge.fullstory.com	efile1099now.efile1.com
1	cdn.pendo.io	efile1099now.efile1.com
1	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.googletagmanager.com	efile1099now.efile1.com
1	js.recurly.com	efile1099now.efile1.com
0	app.pendo.io Failed	efile1099now.efile1.com
0	rs.fullstory.com Failed	edge.fullstory.com
47	17

This site contains links to these domains. Also see Links.

Domain
efile1.zendesk.com

Subject Issuer	Validity	Valid
*.efile1.com GeoTrust TLS RSA CA G1	`2019-09-20` - `2021-11-18`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.recurly.com DigiCert SHA2 High Assurance Server CA	`2020-04-21` - `2022-06-03`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
cdn.pendo.io Amazon	`2021-08-29` - `2022-09-27`	a year	crt.sh
edge.fullstory.com GTS CA 1D4	`2021-08-22` - `2021-11-20`	3 months	crt.sh
*.formstax.com GeoTrust RSA CA 2018	`2020-06-17` - `2022-07-22`	2 years	crt.sh
www.taylortechservices.com GeoTrust RSA CA 2018	`2021-04-23` - `2021-11-06`	7 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
s2.wac.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-17` - `2021-11-23`	a year	crt.sh
*.olark.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-09-20` - `2022-10-21`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Frame ID: EC4310BBCBAEDB536E66F1004ED2FC56
Requests: 34 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/loader0.js
Frame ID: 8DB3700CBA0E210A1E313C22EB7EA818
Requests: 1 HTTP requests in this frame

Frame: https://static.olark.com/jsclient/app.js
Frame ID: 2E6658533FA0B604113348379EE42C8F
Requests: 7 HTTP requests in this frame

Frame: https://static.olark.com/jsclient-bucket3/storage.html?v=1633544683874
Frame ID: E594FB91580011C988FCF102B4FE58AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Efile1099NowOlark launch button clip pathEnvelope IconOlark Logo

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

Recurly (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.recurly\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

47
Requests

89 %
HTTPS

0 %
IPv6

10
Domains

17
Subdomains

12
IPs

4
Countries

3208 kB
Transfer

12113 kB
Size

20
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://efile1.zendesk.com/hc/en-us
Title: E-File Support Page

Search URL Search Domain Scan URL

URL: https://efile1.zendesk.com/hc/en-us/articles/209842593-I-can-t-Print-Forms-how-to-Disable-the-pop-up-blocker-to-allow-forms-to-print
Title: *Can't Print?

Search URL Search Domain Scan URL

URL: https://efile1.zendesk.com/hc/en-us/articles/209842093-Which-forms-are-available-to-e-file-on-the-site-
Title: *What Forms can I e-file here?

Search URL Search Domain Scan URL

URL: https://efile1.zendesk.com/hc/en-us/articles/217097806-Direct-to-State-Filing
Title: *Can I file Direct to States here?

Search URL Search Domain Scan URL

URL: https://efile1.zendesk.com/hc/en-us/articles/209842453-How-can-I-determine-when-my-forms-were-e-filed-
Title: *Form e-file Status

Search URL Search Domain Scan URL

URL: https://efile1.zendesk.com/hc/en-us/requests/new
Title: Here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set RecipientSignUp.aspx Show response
efile1099now.efile1.com/Recipient/ 2 KB
3 KB 700ms
100ms Document
text/html 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

833a6dee555c754a5fcc35643b4c74512a886f11a3aafda5845e735ec310867d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com .olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com .olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com .olark.com; object-src 'none'; media-src .olark.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: efile1099now.efile1.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html
Content-Encoding: gzip
Expires: 0
Last-Modified: Wed, 22 Sep 2021 18:37:10 GMT
Accept-Ranges: bytes
ETag: "1d7afe0da41c9dd"
Vary: Accept-Encoding
Set-Cookie: TiPMix=10.4177604012274; path=/; HttpOnly; Domain=efile1099now.efile1.com; Max-Age=3600; Secure x-ms-routing-name=self; path=/; HttpOnly; Domain=efile1099now.efile1.com; Max-Age=3600; Secure ARRAffinity=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae;Path=/;HttpOnly;Secure;Domain=efile1099now.efile1.com ARRAffinitySameSite=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae;Path=/;HttpOnly;SameSite=None;Secure;Domain=efile1099now.efile1.com
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
Content-Security-Policy: default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com; object-src 'none'; media-src *.olark.com;
Date: Sun, 10 Oct 2021 21:24:11 GMT

GET
H2 200 icon
fonts.googleapis.com/ 2 KB
1 KB 86ms
30ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material%20Icons%7CMaterial%20Icons%20Outlined%7CMaterial%20Icons%20Round

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

21fae116067a67057fff4ec278e3c9842e860bdd2f34eb743f7ff4c6bcff648e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Oct 2021 21:24:11 GMT
server: ESF
date: Sun, 10 Oct 2021 21:24:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 10 Oct 2021 21:24:11 GMT

GET
H2 200 css
fonts.googleapis.com/ 17 KB
978 B 87ms
31ms Stylesheet
text/css 142.250.184.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f10.1e100.net

Software

ESF /

Resource Hash

42d34b28a07a0a7ee6503c32b184bcb3558f50137ea39d8b59ca7926e1c938c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 10 Oct 2021 21:24:11 GMT
server: ESF
date: Sun, 10 Oct 2021 21:24:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sun, 10 Oct 2021 21:24:11 GMT

GET
H2 200 recurly.js Show response
js.recurly.com/v4/ 273 KB
71 KB 56ms
23ms Script
application/javascript 104.16.114.53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.recurly.com/v4/recurly.js

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.114.53 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

abaa7b12d171fb6e0c9a3f6431157f77d9b3d1f875657769e2cd6191e88b7e8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:11 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 12404
last-modified: Fri, 27 Aug 2021 14:38:16 GMT
server: cloudflare
etag: W/"6128f8d8-4448f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 google
cache-control: public, max-age=14400
access-control-allow-credentials: false
cf-ray: 69c2ea05680221c3-DUS
expires: Mon, 11 Oct 2021 01:24:11 GMT

GET
H/1.1 200
OK styles.abe35849937195ad9bd7.css
efile1099now.efile1.com/ 284 KB
75 KB 95ms
95ms Stylesheet
text/css 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://efile1099now.efile1.com/styles.abe35849937195ad9bd7.css

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

9163271baedd6654d9a673dff1d6c94c7f8d3d48ace4ed61b3f21bc0f098263d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com .olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com .olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com .olark.com; object-src 'none'; media-src .olark.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Cookie: TiPMix=10.4177604012274; x-ms-routing-name=self; ARRAffinity=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae; ARRAffinitySameSite=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Sep 2021 18:37:10 GMT
Date: Sun, 10 Oct 2021 21:24:11 GMT
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
ETag: "1d7afe0da45be0d"
Content-Security-Policy: default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com; object-src 'none'; media-src *.olark.com;
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200
OK runtime.7d9d4678f9511567f211.js Show response
efile1099now.efile1.com/ 1 KB
3 KB 282ms
93ms Script
application/javascript 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://efile1099now.efile1.com/runtime.7d9d4678f9511567f211.js

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com .olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com .olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com .olark.com; object-src 'none'; media-src .olark.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Cookie: TiPMix=10.4177604012274; x-ms-routing-name=self; ARRAffinity=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae; ARRAffinitySameSite=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Sep 2021 18:37:10 GMT
Date: Sun, 10 Oct 2021 21:24:11 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
ETag: "1d7afe0da41cacd"
Content-Security-Policy: default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com; object-src 'none'; media-src *.olark.com;
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200
OK polyfills.b1ce7a0814935c76afc7.js Show response
efile1099now.efile1.com/ 348 KB
146 KB 362ms
100ms Script
application/javascript 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://efile1099now.efile1.com/polyfills.b1ce7a0814935c76afc7.js

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

989bb90fd51b49f2db648560a36ac7b01327e796872df241432fdb4993b54b80

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com .olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com .olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com .olark.com; object-src 'none'; media-src .olark.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Cookie: TiPMix=10.4177604012274; x-ms-routing-name=self; ARRAffinity=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae; ARRAffinitySameSite=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Sep 2021 18:37:10 GMT
Date: Sun, 10 Oct 2021 21:24:11 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
ETag: "1d7afe0da44be40"
Content-Security-Policy: default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com; object-src 'none'; media-src *.olark.com;
Accept-Ranges: bytes
Expires: 0

GET
H/1.1 200
OK main.fa8c41902a71a6aa6de5.js Show response
efile1099now.efile1.com/ 8 MB
2 MB 387ms
121ms Script
application/javascript 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://efile1099now.efile1.com/main.fa8c41902a71a6aa6de5.js

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ce22abc024cf9cbc9f01da43453972d3f975911b1a8f3b6b91b0211418df2875

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com .olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com .olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com .olark.com; object-src 'none'; media-src .olark.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Cookie: TiPMix=10.4177604012274; x-ms-routing-name=self; ARRAffinity=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae; ARRAffinitySameSite=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Wed, 22 Sep 2021 18:37:10 GMT
Date: Sun, 10 Oct 2021 21:24:11 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
ETag: "1d7afe0da3a5373"
Content-Security-Policy: default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com; object-src 'none'; media-src *.olark.com;
Accept-Ranges: bytes
Expires: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 167 KB
57 KB 87ms
44ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52385F

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

460b777222e77d36474366f96b521e7b0c10981013d5c121ae0ede035cf019b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58357
x-xss-protection: 0
last-modified: Sun, 10 Oct 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Oct 2021 21:24:11 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 72ms
21ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52385F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 2235
date: Sun, 10 Oct 2021 20:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sun, 10 Oct 2021 22:46:57 GMT

GET
H/1.1 200
OK pendo.js Show response
cdn.pendo.io/agent/static/3e8a2ad7-4492-4712-4a37-0c39beeb1d44/ 431 KB
134 KB 188ms
134ms Script
application/javascript 18.66.112.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pendo.io/agent/static/3e8a2ad7-4492-4712-4a37-0c39beeb1d44/pendo.js
Requested by: Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 5f13f9cfb62d13dc1e757cb507e017bf2f9735a77a8a9a15103ca909d734be03

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sun, 10 Oct 2021 21:24:12 GMT
Content-Encoding: gzip
X-Amz-Cf-Pop: FRA56-P5
X-GUploader-UploadID: ADPycdufFWHFIjYnifrmsY4BBOWp0rmekFrjXYQXFiABEuEnYopUQj8RDsV6CvupSYjcYUjwWzVeYPmCyVDpYbSheKI
X-Cache: RefreshHit from cloudfront
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: keep-alive
Content-Length: 136428
Access-Control-Allow-Origin: *
Last-Modified: Thu, 07 Oct 2021 18:14:09 GMT
Server: UploadServer
ETag: "86faeaabd38c91a8df0f9eb90928f09b"
Vary: Accept-Encoding
x-goog-hash: crc32c=0v8mTg==, md5=hvrqq9OMkajfD565CSjwmw==
x-goog-generation: 1633630449487778
Via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
Access-Control-Expose-Headers: *
Cache-Control: max-age=450
x-goog-stored-content-length: 136428
Accept-Ranges: bytes
Content-Type: application/javascript
X-Amz-Cf-Id: ZLz2UXV1rBKADZh5G5DkvIpqCAFlsrzRsOQdyN29NAV158GCbSpN3Q==
Expires: Sun, 10 Oct 2021 21:31:42 GMT

GET
H2 200 fs.js Show response
edge.fullstory.com/s/ 210 KB
64 KB 68ms
20ms Script
application/javascript 35.201.112.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.fullstory.com/s/fs.js
Requested by: Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.112.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.112.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9456718fc26c849fed63242644edd3e100b5eec82089d8eac271efe6614db6c6

Request headers

Referer: https://efile1099now.efile1.com/
Origin: https://efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 20:26:49 GMT
content-encoding: gzip
age: 3443
x-guploader-uploadid: ADPycdvu2pj_PAIc-XkFsWG0vpSGHLaU1lqRS4iW5OhMY9AO17e0sRfUTp2ThvrWEn56qmZIRem0argiaAlbGN8p5XI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 64528
last-modified: Thu, 30 Sep 2021 15:15:29 GMT
server: UploadServer
etag: "4292511c0df57722d38e68642d069012"
x-goog-hash: crc32c=Yrzbyw==, md5=QpJRHA31dyLTjmhkLQaQEg==
x-goog-generation: 1633014929798356
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600,no-transform
x-goog-stored-content-length: 64528
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 10 Oct 2021 21:26:49 GMT

POST collect
www.google-analytics.com/j/ 0
0

POST page
rs.fullstory.com/rec/ 0
0

GET
H/1.1 200
OK config Show response
efile1099now.efile1.com/ 449 B
2 KB 99ms
99ms XHR
application/json 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://efile1099now.efile1.com/config

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/polyfills.b1ce7a0814935c76afc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

b65bfc616da7603da9ea2ed1f6cc95f674ffc90c3ad246f2bfc82a79672b1009

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com .olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com .olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com .olark.com; object-src 'none'; media-src .olark.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/plain, */*
Cache-Control: no-cache
Sec-Fetch-Dest: empty
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Cookie: TiPMix=10.4177604012274; x-ms-routing-name=self; ARRAffinity=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae; ARRAffinitySameSite=dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae; _gcl_au=1.1.1285208577.1633901052; _ga=GA1.3.1293708971.1633901052; _gid=GA1.3.1467997732.1633901052; _gat_UA-36027206-7=1; _ga=GA1.2.1293708971.1633901052; _gid=GA1.2.1467997732.1633901052; _gat_UA-36027206-2=1
Connection: keep-alive
Accept: application/json, text/plain, */*
Referer: https://efile1099now.efile1.com/Recipient/RecipientSignUp.aspx
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
Referrer-Policy: strict-origin-when-cross-origin
Date: Sun, 10 Oct 2021 21:24:12 GMT
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate
Permissions-Policy: fullscreen=(self), gyroscope=(), microphone=(), display-capture=(), camera=(), geolocation=(), sync-xhr=(self), accelerometer=(), autoplay=(), display-capture=(), document-domain=(), encrypted-media=(), magnetometer=(), midi=(), payment=(self), picture-in-picture=(self), publickey-credentials-get=(self), usb=(self),screen-wake-lock=(), web-share=(self), xr-spatial-tracking=()
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com *.olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com *.olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' *.blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com *.olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net *.azurewebsites.net *.formstax.crdev.inet *.formstaxqa.com *.formstax.com api.recurly.com *.olark.com; object-src 'none'; media-src *.olark.com;
Content-Length: 383
X-XSS-Protection: 1; mode=block
Expires: 0

OPTIONS
H/1.1 204
No Content GetMessage
adminapi.formstax.com/api/siteMessage/ Frame 0
0 837ms
99ms Preflight 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://adminapi.formstax.com/api/siteMessage/GetMessage

Protocol

HTTP/1.1

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,eventsessionid,partnerid,subjectid
Origin: https://efile1099now.efile1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Origin
Request-Context: appId=cid-v1:ac3472d6-965a-48c4-8c7a-cc759c9c30ca
Access-Control-Allow-Origin: https://efile1099now.efile1.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods: GET
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Date: Sun, 10 Oct 2021 21:24:13 GMT

OPTIONS
H/1.1 204
No Content getpartnerinfo
excaliburapi.formstax.com/api/Account/ Frame 0
0 752ms
101ms Preflight 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excaliburapi.formstax.com/api/Account/getpartnerinfo

Protocol

HTTP/1.1

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,eventsessionid,partnerid,subjectid
Origin: https://efile1099now.efile1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Origin
Request-Context: appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Access-Control-Allow-Origin: https://efile1099now.efile1.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods: GET
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Date: Sun, 10 Oct 2021 21:24:13 GMT

GET
H/1.1 200
OK GetMessage Show response
adminapi.formstax.com/api/siteMessage/ 199 B
2 KB 452ms
163ms XHR
application/json 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://adminapi.formstax.com/api/siteMessage/GetMessage

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/polyfills.b1ce7a0814935c76afc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

893d316be0cd79481f7231f33625056355c5aba4bb572cb49a2d6a0345aed3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

SubjectId
Accept-Language: de-DE,de;q=0.9
Authorization
Content-Type: application/json
Accept: application/json, text/plain, application/pdf
Referer: https://efile1099now.efile1.com/
EventSessionId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
PartnerId

Response headers

Strict-Transport-Security: max-age=2592000
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:ac3472d6-965a-48c4-8c7a-cc759c9c30ca
Pragma: no-cache,no-cache
Referrer-Policy: strict-origin-when-cross-origin
Date: Sun, 10 Oct 2021 21:24:14 GMT
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://efile1099now.efile1.com
Cache-Control: no-store,no-cache,no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Permissions-Policy: fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires: 0

GET
H/1.1 200
OK getpartnerinfo Show response
excaliburapi.formstax.com/api/Account/ 396 B
2 KB 392ms
106ms XHR
application/json 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excaliburapi.formstax.com/api/Account/getpartnerinfo

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/polyfills.b1ce7a0814935c76afc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5a835fa4dfbc956e18450b75d78fb942a770d12246ab17764ba645677edb539a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

SubjectId
Accept-Language: de-DE,de;q=0.9
Authorization
Content-Type: application/json
Accept: application/json, text/plain, application/pdf
Referer: https://efile1099now.efile1.com/
EventSessionId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
PartnerId

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Date: Sun, 10 Oct 2021 21:24:13 GMT
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://efile1099now.efile1.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Permissions-Policy: fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires: 0

GET
H2 200 hippa-training-badge10-orig.svg
cdn.formstax.com/images/logos/ 16 KB
6 KB 364ms
10ms Image
image/svg+xml 104.111.238.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.formstax.com/images/logos/hippa-training-badge10-orig.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ef92827a8d38cee72d2a9e74a769a0e626a2f183ad9185208d2638b79a786460

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 12:51:04 GMT
server
x-powered-by
etag: "4258bff429ced61:0"
vary: Accept-Encoding
content-type: image/svg+xml
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 5507

GET
H2 200 socforserviceorganizationslogosos.jpg
cdn.formstax.com/images/logos/ 40 KB
41 KB 366ms
12ms Image
image/jpeg 104.111.238.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.formstax.com/images/logos/socforserviceorganizationslogosos.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2b5450152283298c088b3565fab45d392c6439ed6df9aac48c70840a524d65b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
last-modified: Wed, 09 Dec 2020 12:51:06 GMT
server
x-powered-by
etag: "b8f597f529ced61:0"
content-type: image/jpeg
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 41364

GET
H2 200 IRS-transmitter-badge-blue.svg
cdn.formstax.com/images/logos/ 10 KB
4 KB 370ms
16ms Image
image/svg+xml 104.111.238.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.formstax.com/images/logos/IRS-transmitter-badge-blue.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 81e491c1eaeddce07b633fd637b56bd24150ea377f4f3311f1935454f9cd8db5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 12:51:05 GMT
server
x-powered-by
etag: "fe14f6f429ced61:0"
vary: Accept-Encoding
content-type: image/svg+xml
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 3449

GET
H2 200 paper_airplane_illustration.svg
cdn.formstax.com/images/backgrounds/ 5 KB
3 KB 361ms
8ms Image
image/svg+xml 104.111.238.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.formstax.com/images/backgrounds/paper_airplane_illustration.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 992cf84507758a509a2aacc0de182cf729378ebc18df7d8e7b2d2b88830b0eda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Sat, 07 Nov 2020 17:16:03 GMT
server
x-powered-by
etag: "ac4f92ab29b5d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 2369

GET
H2 200 clouds_background.svg
cdn.formstax.com/images/backgrounds/ 29 KB
6 KB 349ms
8ms Image
image/svg+xml 104.111.238.11
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.formstax.com/images/backgrounds/clouds_background.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.238.11 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-238-11.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f66c3bae421cd93f64ff886e1a9cfaeb56ff4daf05baa88136df8eb425aefff5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Sat, 07 Nov 2020 17:16:00 GMT
server
x-powered-by
etag: "26aa10aa29b5d61:0"
vary: Accept-Encoding
content-type: image/svg+xml
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 5476

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v8/ 16 KB
17 KB 74ms
20ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 18:42:42 GMT
x-content-type-options: nosniff
age: 268891
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16840
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:18:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 07 Oct 2022 18:42:42 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 89ms
40ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8aBc5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:02:31 GMT
x-content-type-options: nosniff
age: 444102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17228
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:51 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Oct 2022 18:02:31 GMT

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v8/ 17 KB
17 KB 92ms
50ms Font
font/woff2 142.250.185.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:300,400,600,700,800,900%7CNunito:300,400,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f3.1e100.net

Software

sffe /

Resource Hash

abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 18:02:31 GMT
x-content-type-options: nosniff
age: 444102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17108
x-xss-protection: 0
last-modified: Thu, 16 Sep 2021 18:12:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 05 Oct 2022 18:02:31 GMT

GET
H2 200 loader0.js Show response
static.olark.com/jsclient/ Frame 8DB3 9 KB
3 KB 69ms
7ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/loader0.js
Requested by: Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/unauthorized
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6794) /
Resource Hash: d60e77afc074077585fcc84cdb0a15cef2477cbf0f7d5db66524fd2670f2f422

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Tue, 05 Oct 2021 16:42:10 GMT
server: ECS (frb/6794)
age: 2417
etag: W/"615c8062-236b"
vary: Accept-Encoding
x-cache: HIT
p3p: CP='Olark does not have a P3P policy. Learn why here: http://olark.com/p3p'
via: 1.1 google
cache-control: max-age=2700
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 3211
expires: Sun, 10 Oct 2021 22:09:13 GMT

GET 3e8a2ad7-4492-4712-4a37-0c39beeb1d44
app.pendo.io/data/ptm.gif/ 0
0

GET 3e8a2ad7-4492-4712-4a37-0c39beeb1d44
app.pendo.io/data/guide.json/ 0
0

GET
H2 200 app.js Show response
static.olark.com/jsclient/ Frame 2E66 55 KB
18 KB 7ms
7ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/app.js
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/loader0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6762) /
Resource Hash: 9501d98188ad0547d88d6ad8d20420da3fc751b856cb9c7739508f125a2529f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 18:27:09 GMT
server: ECS (frb/6762)
age: 10549
etag: "615dea7d-dc41"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 18705
via: 1.1 google
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 200 3176-841-10-8932.js Show response
static.olark.com/a/assets/v0/site/ Frame 2E66 16 KB
17 KB 8ms
7ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/a/assets/v0/site/3176-841-10-8932.js?cb=1633901053098
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6727) /
Resource Hash: 293ab24cc04989f0b37493d5ae60a05dfb9c5255f15c80f5762c6ecdab91be2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
last-modified: Tue, 05 Oct 2021 17:59:20 GMT
server: ECS (frb/6727)
age: 444296
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 16815

GET
H2 200 c Show response
nrpc.olark.com/nrpc/ Frame 2E66 891 B
1 KB 163ms
122ms XHR
text/javascript 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://nrpc.olark.com/nrpc/c?c=create&s=3176-841-10-8932&v=HqmwDscWshbqmkyn2V8BM0PaAZbo46ja&i=kEUppW0alUkDoUhZ2V8BM0Paka4vEAbV&g=ALL&q=precache09666675607885324&j=o0&version=loader-precache&xhttp=1&u=https%3A%2F%2Fefile1099now.efile1.com%2Funauthorized&r=&ca=false&ru=false
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: TwistedWeb/21.2.0 /
Resource Hash: e1d21df2482a1aa4e766d308a12c449788e345e6683e7ae08589d0341f5054f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
last-modified: Sun, 10 Oct 2021 21:24:13 UTC
server: TwistedWeb/21.2.0
x-rpc: nrpc-http-6cbcb5f5f5-6wdzh
access-control-allow-origin: *
cache-control: post-check=0, pre-check=0
content-disposition: inline; filename="rpc.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: clear
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 application2.js Show response
static.olark.com/jsclient-bucket3/ Frame 2E66 2 MB
474 KB 7ms
7ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1633544683874
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/app.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67D3) /
Resource Hash: 0e88f0522bff750c212e0e728dd0be8c87917dc95b3229a8596cd68d718b14f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 18:26:59 GMT
server: ECS (frb/67D3)
age: 8940
etag: W/"615dea73-1c0369"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 484954
via: 1.1 google
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 200 storage.html Show response
static.olark.com/jsclient-bucket3/ Frame E594 180 B
271 B 7ms
6ms Document
text/html 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket3/storage.html?v=1633544683874
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1633544683874
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: 28e28320d3d276c9b30d1f1dc36f1151cd9ad8b0252a2ba6d81cf45772c028a9

Request headers

:method: GET
:authority: static.olark.com
:scheme: https
:path: /jsclient-bucket3/storage.html?v=1633544683874
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://efile1099now.efile1.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 10516
cache-control: max-age=10800
content-type: text/html; charset=utf-8
date: Sun, 10 Oct 2021 21:24:13 GMT
etag: W/"615dea74-b4"
expires: Mon, 11 Oct 2021 00:24:13 GMT
last-modified: Wed, 06 Oct 2021 18:27:00 GMT
server: ECS (frb/67E2)
vary: Accept-Encoding
via: 1.1 google
x-cache: HIT
content-length: 157

GET
H2 200 storage.js Show response
static.olark.com/jsclient-bucket3/ Frame E594 88 KB
28 KB 7ms
7ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient-bucket3/storage.js?v=1633544683874
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/storage.html?v=1633544683874
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6752) /
Resource Hash: dab52b6a586ef7f9ca586988ec1ee1b728192db137cf3b2548b6bec69d2fde81

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://static.olark.com/jsclient-bucket3/storage.html?v=1633544683874
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 18:27:00 GMT
server: ECS (frb/6752)
age: 10516
etag: "615dea74-160b0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 28834
via: 1.1 google
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 200 visits Show response
api.olark.com/2.0/sites/3176-841-10-8932/ Frame 2E66 112 B
382 B 162ms
124ms Script
application/json 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.olark.com/2.0/sites/3176-841-10-8932/visits?_callback=_olark_callback_640ead4f_b84a_45ce_96ad_cbe4514337b1&_method=POST&_data=%7B%22conversation_id%22%3A%22kEUppW0alUkDoUhZ2V8BM0Paka4vEAbV%22%2C%22cache%22%3A%220.20145455561056025%22%7D
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1633544683874
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: NotARealServer/1.33.7 /
Resource Hash: 4b841313c31095a24743aeb2757b7123654d809e9bb030d6b5349ddf44361897

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
server: NotARealServer/1.33.7
access-control-allow-headers: X-Access-Token, X-CSRF-Token, Content-Type, Authorization
access-control-max-age: 432000
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH
content-type: application/json
access-control-allow-origin: *
content-disposition: inline; filename="api.txt"
alt-svc: clear

GET
H2 200 jquery.js Show response
static.olark.com/jsclient/ Frame 2E66 92 KB
33 KB 7ms
7ms Script
application/javascript 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/jquery.js
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1633544683874
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6724) /
Resource Hash: d8627e4cab88368fa35cf514910c6b868745b98620e25a2a577d2fe5d743ccef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 18:27:27 GMT
server: ECS (frb/6724)
age: 10537
etag: "615dea8f-170a0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 33211
via: 1.1 google
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 206 olark-chimes.ogg
static.olark.com/jsclient/sounds/ Frame 2E66 11 KB
11 KB 7ms
7ms Media
audio/ogg 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/sounds/olark-chimes.ogg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6731) /
Resource Hash: b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae

Request headers

Referer: https://efile1099now.efile1.com/
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Range: bytes=0-

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
last-modified: Wed, 06 Oct 2021 18:27:10 GMT
server: ECS (frb/6731)
age: 10515
etag: "615dea7e-2a35"
x-cache: HIT
content-type: audio/ogg
access-control-allow-origin: *
cache-control: max-age=10800
Content-Range: bytes 0-10804/10805
accept-ranges: bytes
Content-Length: 10805
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 200 theme.css
static.olark.com/jsclient/styles/cryptic-capybara/ 165 KB
19 KB 7ms
7ms Stylesheet
text/css 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient-bucket3/application2.js?v=1633544683874
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67C1) /
Resource Hash: 176b0008478c0756400a5613cc1568f2e046c069457e8749dcce8a8ac3a26f20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
content-encoding: gzip
last-modified: Wed, 06 Oct 2021 18:27:10 GMT
server: ECS (frb/67C1)
age: 10538
etag: "615dea7e-294ad"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 19729
via: 1.1 google
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 200 log.png
log.olark.com/jslog/ 2 B
75 B 132ms
120ms Image
text/plain 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.olark.com/jslog/log.png?version=-bucket3&location=https%3A%2F%2Fefile1099now.efile1.com%2Funauthorized&message=%23chatbox-size-md%20%23using_theme.cryptic_capybara%20%23using_theme%20&tabname=oktab07316418339310338&conversation_id=kEUppW0alUkDoUhZ2V8BM0Paka4vEAbV&visitor_id=HqmwDscWshbqmkyn2V8BM0PaAZbo46ja&site_id=3176-841-10-8932&bucket=bucket3&level=count&timestamp=1633901053829&properties=%7B%7D&recent_logs=%5B%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
server: nginx
alt-svc: clear
content-length: 2
content-type: text/plain

GET
H2 200 noto-sans-v11-latin-700.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 27ms
7ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-700.woff2
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Request headers

Referer: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: https://efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
last-modified: Wed, 06 Oct 2021 18:27:10 GMT
server: ECS (frb/669E)
age: 10530
etag: "615dea7e-3f34"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 16180
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 200 noto-sans-v11-latin-regular.woff2
static.olark.com/jsclient/fonts/ 16 KB
16 KB 28ms
7ms Font
application/octet-stream 93.184.220.42
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://static.olark.com/jsclient/fonts/noto-sans-v11-latin-regular.woff2
Requested by: Host: static.olark.com
URL: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 93.184.220.42 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/675D) /
Resource Hash: 4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Request headers

Referer: https://static.olark.com/jsclient/styles/cryptic-capybara/theme.css
Origin: https://efile1099now.efile1.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
last-modified: Wed, 06 Oct 2021 18:27:27 GMT
server: ECS (frb/675D)
age: 10548
etag: "615dea8f-3eb8"
x-cache: HIT
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 16056
expires: Mon, 11 Oct 2021 00:24:13 GMT

GET
H2 200 log.png
log.olark.com/jslog/ 2 B
60 B 120ms
119ms Image
text/plain 34.96.127.16
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.olark.com/jslog/log.png?version=-bucket3&location=https%3A%2F%2Fefile1099now.efile1.com%2Funauthorized&message=%23loaded_theme.cryptic_capybara%20%23loaded_theme%20&tabname=oktab07316418339310338&conversation_id=kEUppW0alUkDoUhZ2V8BM0Paka4vEAbV&visitor_id=HqmwDscWshbqmkyn2V8BM0PaAZbo46ja&site_id=3176-841-10-8932&bucket=bucket3&level=count&timestamp=1633901053871&properties=%7B%7D&recent_logs=%5B%5D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.127.16 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 16.127.96.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://efile1099now.efile1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 21:24:13 GMT
via: 1.1 google
server: nginx
alt-svc: clear
content-length: 2
content-type: text/plain

OPTIONS
H/1.1 204
No Content efile1099now
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ Frame 0
0 103ms
102ms Preflight 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/efile1099now

Protocol

HTTP/1.1

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,eventsessionid,partnerid,subjectid
Origin: https://efile1099now.efile1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Vary: Origin
Request-Context: appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Access-Control-Allow-Origin: https://efile1099now.efile1.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: authorization,content-type,eventsessionid,partnerid,subjectid
Access-Control-Allow-Methods: GET
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Date: Sun, 10 Oct 2021 21:24:14 GMT

GET
H/1.1 200
OK efile1099now Show response
excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/ 5 KB
2 KB 124ms
123ms XHR
application/json 40.79.154.192
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://excaliburapi.formstax.com/api/Account/getpartnerfeaturebypartnerid/efile1099now

Requested by

Host: efile1099now.efile1.com
URL: https://efile1099now.efile1.com/polyfills.b1ce7a0814935c76afc7.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

40.79.154.192 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e60b6369ab83c3e1ac0377c21b0f34e29b45bf2d72c31585ad5afa098700d81f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

SubjectId
Accept-Language: de-DE,de;q=0.9
Authorization
Content-Type: application/json
Accept: application/json, text/plain, application/pdf
Referer: https://efile1099now.efile1.com/
EventSessionId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
PartnerId: efile1099now

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Request-Context: appId=cid-v1:8ee4fdd0-c866-4328-ab38-13ec82fa62d7
Pragma: no-cache
Referrer-Policy: strict-origin-when-cross-origin
Date: Sun, 10 Oct 2021 21:24:13 GMT
Vary: Origin,Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://efile1099now.efile1.com
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Permissions-Policy: fullscreen: 'self'; gyroscope: 'none'; legacy-image-formats: 'self'; layout-animations: 'self'; microphone 'none'; camera: 'none'; geolocation 'none'; sync-xhr: 'self'; usermedia 'self'; accelerometer 'none'; autoplay: 'none'; battery: 'none'; display-capture: 'none'; document-domain: 'none'; encrypted-media: 'none'; magnetometer: 'none'; midi: 'none'; oversied-images: 'self'; payment: 'self'; picture-in-picture: 'self'; publickey-credentials-get: 'self'; unoptimized-images: 'none'; unsized-media: 'self'; usb: 'self'; vibrate: 'none'; vr: 'none'; screen-wake-lock: 'none'; web-share: 'self'; xr-spatial-tracking: 'none'
Expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j93&a=576644464&t=pageview&_s=1&dl=https%3A%2F%2Fefile1099now.efile1.com%2FRecipient%2FRecipientSignUp.aspx&ul=en-us&de=UTF-8&dt=Formstax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=10425834&gjid=1093757127&cid=1293708971.1633901052&tid=UA-36027206-7&_gid=1467997732.1633901052&_r=1&gtm=2wga6052385F&z=562439972

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j93&a=576644464&t=pageview&_s=1&dl=https%3A%2F%2Fefile1099now.efile1.com%2FRecipient%2FRecipientSignUp.aspx&ul=en-us&de=UTF-8&dt=Formstax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=1909706923&gjid=394513311&cid=1293708971.1633901052&tid=UA-36027206-2&_gid=1467997732.1633901052&_r=1&gtm=2wga6052385F&z=1095591065

Domain: rs.fullstory.com
URL: https://rs.fullstory.com/rec/page

Domain: app.pendo.io
URL: https://app.pendo.io/data/ptm.gif/3e8a2ad7-4492-4712-4a37-0c39beeb1d44?v=2.109.0_prod&ct=1633901053014&jzb=eJy9km3v0jAUxb9LXy9bt8nDeIdBHtSIiX-C0ZimbB00bO3s7sRB-O7cApLJg4nRkPBi_Npz7-nJ-bojUBeC9IhMhAKZ1sQhC6M3pTAMZI4nfjsMI-rTVkhpyyE_ZClBGyYTFFUqEalUIkEVj2NdKbg9qEyGZAVQlD3PQ5wJn0aR0hv39MeNde5Vilew0kZuj6LC6KIkvR3RWcJ-28k-vvkwmLIXNoSpGXVH782ijQJ776GFvzW9dwjwxcTC2bv1a_1lPF4W8_U2mMxRlBqei-PhZNX5qfrDeqTT75-VemvDq0Gg8TBs751LuLkA_sdgO88P9rzPft5MFjmXdnaTGZ3ZpzSRwhyuUMbVsuJLi4Vis082yvMD7m66M6IEDtes4AaUMMfQmzw2goPUanAtwbWowUr3L8sRJadrPvXwF9DAt90QpsQJiAMX43Mpw4j-RwVaNGhUINPcGn5cge7zK2A9_XLSfRX9-5ODkO6_HQAbDG64

Domain: app.pendo.io
URL: https://app.pendo.io/data/guide.json/3e8a2ad7-4492-4712-4a37-0c39beeb1d44?jzb=eJxtkEFrwzAMRv-LzyN2cmtug112LjsXYWutIZaCInew0f9eeYMw3IIP9sPf-5B-3DVvWVnek5tdpYSfmTC5FwcxciV94FUWIxfVdZu9N7zgGA4H4q_h7zFELr4SVL2w5O_fUEGFBApu3gvbNfdyLJCb_j8TXrBDBKVHC9C5wrlhpNPH0d32EZ42PVFsCtqzFUQJH7cTBUEz01sfsVrLIOnrXm7IZm_fxuDtTGEaTXFF2cxgeBpsg0M4rcImuN0B42GHBw&v=2.109.0_prod&ct=1633901053017

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.efile1099now.efile1.com/	1970-01-19 21:51:44	Name: TiPMix Value: 10.4177604012274
.efile1099now.efile1.com/	1970-01-19 21:51:44	Name: x-ms-routing-name Value: self
.efile1099now.efile1.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae
.efile1099now.efile1.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: dfef65d5d005decdf16ca6c5670ca470d3b3147889c1170e73f46a07f21ca5ae
.efile1.com/	1970-01-20 00:01:17	Name: _gcl_au Value: 1.1.1285208577.1633901052
.efile1099now.efile1.com/	1970-01-20 15:22:53	Name: _ga Value: GA1.3.1293708971.1633901052
.efile1099now.efile1.com/	1970-01-19 21:53:07	Name: _gid Value: GA1.3.1467997732.1633901052
.efile1099now.efile1.com/	1970-01-19 21:51:41	Name: _gat_UA-36027206-7 Value: 1
.efile1.com/	1970-01-20 15:22:53	Name: _ga Value: GA1.2.1293708971.1633901052
.efile1.com/	1970-01-19 21:53:07	Name: _gid Value: GA1.2.1467997732.1633901052
.efile1.com/	1970-01-19 21:51:41	Name: _gat_UA-36027206-2 Value: 1
efile1099now.efile1.com/	1969-12-31 23:59:59	Name: wcsid Value: kEUppW0alUkDoUhZ2V8BM0Paka4vEAbV
efile1099now.efile1.com/	1970-01-20 15:22:53	Name: hblid Value: HqmwDscWshbqmkyn2V8BM0PaAZbo46ja
efile1099now.efile1.com/	1969-12-31 23:59:59	Name: _oklv Value: 1633901053113%2CkEUppW0alUkDoUhZ2V8BM0Paka4vEAbV
efile1099now.efile1.com/	1969-12-31 23:59:59	Name: _okdetect Value: %7B%22token%22%3A%2216339010532160%22%2C%22proto%22%3A%22https%3A%22%2C%22host%22%3A%22efile1099now.efile1.com%22%7D
efile1099now.efile1.com/	1970-01-20 15:22:53	Name: olfsk Value: olfsk558122458786334
efile1099now.efile1.com/	1969-12-31 23:59:59	Name: _okbk Value: cd4%3Dtrue%2Cvi5%3D0%2Cvi4%3D1633901053331%2Cvi3%3Dactive%2Cvi2%3Dfalse%2Cvi1%3Dfalse%2Ccd8%3Dchat%2Ccd6%3D0%2Ccd5%3Daway%2Ccd3%3Dfalse%2Ccd2%3D0%2Ccd1%3D0%2C
efile1099now.efile1.com/	1969-12-31 23:59:59	Name: _ok Value: 3176-841-10-8932
.excaliburapi.formstax.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 33f4099eaa05b43c015defa1518395e2f73f42ab03c886b4e31385103a0c9ec9
.adminapi.formstax.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8e9bb04484c7a1d3a7fa7fc4a2bf55a3f5a227797a4fab2f0bb84163eae89308

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'display-capture'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'web-share'.
security	error	URL: https://www.google-analytics.com/analytics.js(Line 38) Message: Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j93&a=576644464&t=pageview&_s=1&dl=https%3A%2F%2Fefile1099now.efile1.com%2FRecipient%2FRecipientSignUp.aspx&ul=en-us&de=UTF-8&dt=Formstax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACAABBAAAAC~&jid=10425834&gjid=1093757127&cid=1293708971.1633901052&tid=UA-36027206-7&_gid=1467997732.1633901052&_r=1&gtm=2wga6052385F&z=562439972' because it violates the following Content Security Policy directive: "connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com *.olark.com".
security	error	URL: https://www.google-analytics.com/analytics.js(Line 38) Message: Refused to connect to 'https://www.google-analytics.com/j/collect?v=1&_v=j93&a=576644464&t=pageview&_s=1&dl=https%3A%2F%2Fefile1099now.efile1.com%2FRecipient%2FRecipientSignUp.aspx&ul=en-us&de=UTF-8&dt=Formstax&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAC~&jid=1909706923&gjid=394513311&cid=1293708971.1633901052&tid=UA-36027206-2&_gid=1467997732.1633901052&_r=1&gtm=2wga6052385F&z=1095591065' because it violates the following Content Security Policy directive: "connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com *.olark.com".
security	error	URL: https://edge.fullstory.com/s/fs.js(Line 2) Message: Refused to connect to 'https://rs.fullstory.com/rec/page' because it violates the following Content Security Policy directive: "connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com *.olark.com".
security	error	URL: https://efile1099now.efile1.com/unauthorized Message: Refused to load the image 'https://app.pendo.io/data/ptm.gif/3e8a2ad7-4492-4712-4a37-0c39beeb1d44?v=2.109.0_prod&ct=1633901053014&jzb=eJy9km3v0jAUxb9LXy9bt8nDeIdBHtSIiX-C0ZimbB00bO3s7sRB-O7cApLJg4nRkPBi_Npz7-nJ-bojUBeC9IhMhAKZ1sQhC6M3pTAMZI4nfjsMI-rTVkhpyyE_ZClBGyYTFFUqEalUIkEVj2NdKbg9qEyGZAVQlD3PQ5wJn0aR0hv39MeNde5Vilew0kZuj6LC6KIkvR3RWcJ-28k-vvkwmLIXNoSpGXVH782ijQJ776GFvzW9dwjwxcTC2bv1a_1lPF4W8_U2mMxRlBqei-PhZNX5qfrDeqTT75-VemvDq0Gg8TBs751LuLkA_sdgO88P9rzPft5MFjmXdnaTGZ3ZpzSRwhyuUMbVsuJLi4Vis082yvMD7m66M6IEDtes4AaUMMfQmzw2goPUanAtwbWowUr3L8sRJadrPvXwF9DAt90QpsQJiAMX43Mpw4j-RwVaNGhUINPcGn5cge7zK2A9_XLSfRX9-5ODkO6_HQAbDG64' because it violates the following Content Security Policy directive: "img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:".
security	error	URL: https://efile1099now.efile1.com/polyfills.b1ce7a0814935c76afc7.js(Line 1) Message: Refused to connect to 'https://app.pendo.io/data/guide.json/3e8a2ad7-4492-4712-4a37-0c39beeb1d44?jzb=eJxtkEFrwzAMRv-LzyN2cmtug112LjsXYWutIZaCInew0f9eeYMw3IIP9sPf-5B-3DVvWVnek5tdpYSfmTC5FwcxciV94FUWIxfVdZu9N7zgGA4H4q_h7zFELr4SVL2w5O_fUEGFBApu3gvbNfdyLJCb_j8TXrBDBKVHC9C5wrlhpNPH0d32EZ42PVFsCtqzFUQJH7cTBUEz01sfsVrLIOnrXm7IZm_fxuDtTGEaTXFF2cxgeBpsg0M4rcImuN0B42GHBw&v=2.109.0_prod&ct=1633901053017' because it violates the following Content Security Policy directive: "connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com *.olark.com".
security	error	(Line 2) Message: Refused to connect to 'https://app.pendo.io/data/errorlog?apiKey=3e8a2ad7-4492-4712-4a37-0c39beeb1d44' because it violates the following Content Security Policy directive: "connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com *.olark.com".
javascript	error	(Line 2) Message: Refused to connect to 'https://app.pendo.io/data/errorlog?apiKey=3e8a2ad7-4492-4712-4a37-0c39beeb1d44' because it violates the document's Content Security Policy.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; frame-src 'self' https: static.olark.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' www.googletagmanager.com static.olark.com js.recurly.com; script-src-elem data: 'unsafe-inline' 'self' https: www.googletagmanager.com www.google-analytics.com .olark.com; style-src 'self' 'unsafe-inline' fonts.gstatic.com fonts.googleapis.com .olark.com; font-src fonts.gstatic.com fonts.googleapis.com 'self' static.olark.com data:; img-src 'self' .blob.core.windows.net cdn0.iconfinder.com cdn.formstaxqa.com cdn.formstax.com www.googletagmanager.com .olark.com data:; connect-src 'self' wss: devformstaxsignalr.service.signalr.net qaformstaxsignalr.service.signalr.net prodformstaxsignalr.service.signalr.net .azurewebsites.net .formstax.crdev.inet .formstaxqa.com .formstax.com api.recurly.com .olark.com; object-src 'none'; media-src .olark.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adminapi.formstax.com
api.olark.com
app.pendo.io
cdn.formstax.com
cdn.pendo.io
edge.fullstory.com
efile1099now.efile1.com
excaliburapi.formstax.com
fonts.googleapis.com
fonts.gstatic.com
js.recurly.com
log.olark.com
nrpc.olark.com
rs.fullstory.com
static.olark.com
www.google-analytics.com
www.googletagmanager.com
app.pendo.io
rs.fullstory.com
www.google-analytics.com
104.111.238.11
104.16.114.53
142.250.184.234
142.250.185.163
142.250.185.78
172.217.16.136
18.66.112.119
34.96.127.16
35.201.112.186
40.79.154.192
93.184.220.42
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
0e88f0522bff750c212e0e728dd0be8c87917dc95b3229a8596cd68d718b14f6
176b0008478c0756400a5613cc1568f2e046c069457e8749dcce8a8ac3a26f20
21fae116067a67057fff4ec278e3c9842e860bdd2f34eb743f7ff4c6bcff648e
28e28320d3d276c9b30d1f1dc36f1151cd9ad8b0252a2ba6d81cf45772c028a9
293ab24cc04989f0b37493d5ae60a05dfb9c5255f15c80f5762c6ecdab91be2a
2b5450152283298c088b3565fab45d392c6439ed6df9aac48c70840a524d65b5
42d34b28a07a0a7ee6503c32b184bcb3558f50137ea39d8b59ca7926e1c938c3
460b777222e77d36474366f96b521e7b0c10981013d5c121ae0ede035cf019b9
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b841313c31095a24743aeb2757b7123654d809e9bb030d6b5349ddf44361897
5a835fa4dfbc956e18450b75d78fb942a770d12246ab17764ba645677edb539a
5f13f9cfb62d13dc1e757cb507e017bf2f9735a77a8a9a15103ca909d734be03
6c5acbb82a46a4971660f65131241dffcc28828f4dbd76b8ec7bab0b468250f8
81e491c1eaeddce07b633fd637b56bd24150ea377f4f3311f1935454f9cd8db5
833a6dee555c754a5fcc35643b4c74512a886f11a3aafda5845e735ec310867d
893d316be0cd79481f7231f33625056355c5aba4bb572cb49a2d6a0345aed3db
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
9163271baedd6654d9a673dff1d6c94c7f8d3d48ace4ed61b3f21bc0f098263d
9456718fc26c849fed63242644edd3e100b5eec82089d8eac271efe6614db6c6
9501d98188ad0547d88d6ad8d20420da3fc751b856cb9c7739508f125a2529f1
989bb90fd51b49f2db648560a36ac7b01327e796872df241432fdb4993b54b80
992cf84507758a509a2aacc0de182cf729378ebc18df7d8e7b2d2b88830b0eda
abaa7b12d171fb6e0c9a3f6431157f77d9b3d1f875657769e2cd6191e88b7e8e
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
b1fa55944d393c97b9d9c938e639e532e95ccb046440b9adfffca4e1b0a2bcae
b65bfc616da7603da9ea2ed1f6cc95f674ffc90c3ad246f2bfc82a79672b1009
b913028cae336af75686538cf833779bac3d2e42701ac7800415dfe3d32a76d0
ce22abc024cf9cbc9f01da43453972d3f975911b1a8f3b6b91b0211418df2875
d60e77afc074077585fcc84cdb0a15cef2477cbf0f7d5db66524fd2670f2f422
d8627e4cab88368fa35cf514910c6b868745b98620e25a2a577d2fe5d743ccef
dab52b6a586ef7f9ca586988ec1ee1b728192db137cf3b2548b6bec69d2fde81
e1d21df2482a1aa4e766d308a12c449788e345e6683e7ae08589d0341f5054f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60b6369ab83c3e1ac0377c21b0f34e29b45bf2d72c31585ad5afa098700d81f
ef92827a8d38cee72d2a9e74a769a0e626a2f183ad9185208d2638b79a786460
f66c3bae421cd93f64ff886e1a9cfaeb56ff4daf05baa88136df8eb425aefff5
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

efile1099now.efile1.com Open in urlscan Pro 40.79.154.192 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

47 Requests

89 %HTTPS

0 %IPv6

10 Domains

17 Subdomains

12 IPs

4 Countries

3208 kBTransfer

12113 kBSize

20 Cookies

6 Outgoing links

Redirected requests

47 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

efile1099now.efile1.com Open in urlscan Pro
40.79.154.192 Public Scan

Screenshot
Live screenshot

Full Image

47
Requests

89 %
HTTPS

0 %
IPv6

10
Domains

17
Subdomains

12
IPs

4
Countries

3208 kB
Transfer

12113 kB
Size

20
Cookies

47 HTTP transactions
0 data transactions