www.toevolution.com Open in urlscan Pro
2606:4700:3032::681b:b760 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
Submission: On September 21 via api (September 21st 2020, 6:00:44 am UTC) from US

Summary HTTP 61 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 5 countries across 15 domains to perform 61 HTTP transactions. The main IP is 2606:4700:3032::681b:b760, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.toevolution.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 6th 2020. Valid for: a year.

This is the only time www.toevolution.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
27	2606:4700:303... 2606:4700:3032::681b:b760	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	139.45.197.193 139.45.197.193	9002 (RETN-AS) (RETN-AS)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:819::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
5	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	139.45.195.41 139.45.195.41	9002 (RETN-AS) (RETN-AS)
1	23.210.250.213 23.210.250.213	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	104.19.136.78 104.19.136.78	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	139.45.195.176 139.45.195.176	9002 (RETN-AS) (RETN-AS)
1	104.19.137.80 104.19.137.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
61	15

27 2606:4700:3032::681b:b760 (United States)

ASN13335 (CLOUDFLARENET, US)

www.toevolution.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.45.197.193 (Ascension Island)

ASN9002 (RETN-AS, EU)

inpagepush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:819::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.248.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.41 (Ascension Island)

ASN9002 (RETN-AS, EU)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.213 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-213.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.19.136.78 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.45.195.176 (Ascension Island)

ASN9002 (RETN-AS, EU)

onstunkyr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.137.80 (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.steepto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	toevolution.com www.toevolution.com	303 KB
7	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	175 KB
5	mgid.com 3 redirects c.mgid.com s-img.mgid.com	13 KB
5	addthis.com s7.addthis.com m.addthis.com	191 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	177 B
5	inpagepush.com inpagepush.com	28 KB
2	google.de www.google.de adservice.google.de	274 B
2	google.com 1 redirects www.google.com adservice.google.com	361 B
2	google-analytics.com 1 redirects ssl.google-analytics.com	18 KB
1	steepto.com s-img.steepto.com	27 KB
1	onstunkyr.com onstunkyr.com	482 B
1	moatads.com z.moatads.com	1 KB
1	rtmark.net my.rtmark.net	777 B
1	googletagservices.com www.googletagservices.com	27 KB
1	cloudflare.com ajax.cloudflare.com	4 KB
61	15

	Domain	Requested by
27	www.toevolution.com	www.toevolution.com ajax.cloudflare.com
5	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com
5	inpagepush.com	www.toevolution.com inpagepush.com
4	s7.addthis.com	www.toevolution.com s7.addthis.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	c.mgid.com	3 redirects
2	s-img.mgid.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	ssl.google-analytics.com	1 redirects ajax.cloudflare.com
1	s-img.steepto.com
1	onstunkyr.com
1	m.addthis.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	my.rtmark.net	inpagepush.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	www.google.de
1	www.google.com	1 redirects
1	stats.g.doubleclick.net	1 redirects
1	ajax.cloudflare.com	www.toevolution.com
61	21

This site contains links to these domains. Also see Links.

Domain
www.addthis.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-06` - `2021-07-06`	a year	crt.sh
inpagepush.com Let's Encrypt Authority X3	`2020-08-15` - `2020-11-13`	3 months	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-07-22` - `2021-10-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-26` - `2020-11-18`	3 months	crt.sh
*.rtmark.net Let's Encrypt Authority X3	`2020-08-28` - `2020-11-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2020-01-17` - `2021-03-17`	a year	crt.sh
onstunkyr.com Let's Encrypt Authority X3	`2020-07-15` - `2020-10-13`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
Frame ID: CD8B132B8F1FA5FEBE8D0AB25E35E10F
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200915/r20190131/zrt_lookup.html
Frame ID: 232FBC0C8D87B29115A0754DECF09094
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4945646916149991&output=html&h=90&slotname=2446759661&adk=1425101374&adf=3281605397&w=728&lmt=1600668028&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&flash=0&wgl=1&dt=1600668028393&bpp=13&bdt=282&idt=71&shv=r20200915&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3821924500744&frm=20&pv=2&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=3121827&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=sHDLiRRtdK&p=https%3A//www.toevolution.com&dtd=86
Frame ID: 1FD0D5AFD0CF9188192BCEEB67BEDDD9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4945646916149991&output=html&adk=1812271804&adf=3025194257&lmt=1600668028&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&ea=0&flash=0&pra=5&wgl=1&dt=1600668028414&bpp=3&bdt=304&idt=79&shv=r20200915&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=2446759661&nras=1&correlator=3821924500744&frm=20&pv=1&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=46041743&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82
Frame ID: 0E72A106413A55E502853FC99A72A1A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4945646916149991&output=html&h=280&slotname=2446759661&adk=588137784&adf=1119259538&w=1200&fwrn=4&fwrnh=100&lmt=1600668028&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1600668028417&bpp=2&bdt=307&idt=94&shv=r20200915&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=2446759661&nras=1&correlator=3821924500744&frm=20&pv=1&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=184166975&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=176&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Kaxaz6DxFw&p=https%3A//www.toevolution.com&dtd=96
Frame ID: C8A9008ECC52BC344967DCD3B7289842
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 5E2F73AC804F56A24389DA878774F836
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CE195340082551EEABFC51A104FB007A
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0A4F543CCBF5EC252C118694F653670B
Requests: 1 HTTP requests in this frame

Frame: https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp
Frame ID: 379A98F0AFC913619AAA9C3F853A5997
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

AddThis (Widgets) Expand

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Lightbox (JavaScript Libraries) Expand

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

61
Requests

98 %
HTTPS

56 %
IPv6

15
Domains

21
Subdomains

15
IPs

5
Countries

787 kB
Transfer

2293 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/website-tools/overview?utm_source=AddThis%20Tools&utm_medium=image
Title: AddThis

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1602039890&utmhn=www.toevolution.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Forbidden%20%3A%20Toevolution&utmhid=952479877&utmr=-&utmp=%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&utmht=1600668028453&utmac=UA-96137069-1&utmcc=__utma%3D26315704.165041901.1600668028.1600668028.1600668028.1%3B%2B__utmz%3D26315704.1600668028.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1311794159&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890&slf_rd=1&random=1750965432

Request Chain 55

https://c.mgid.com/c?pv=2&v=0|0|0|ia6vp3Ovn4RuIj9O-TncKyEmrnDcXNoIp4D-3A2UspGaSHdZ9UF7oTYgfM6dhSKc&cid=218581&f=1&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=z3447639zb5295256bcNLcp2ph2020092101h&psid=1_3447639&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzYyODgxMjgvMzI4eDMyOC8weDE1NXg5MDB4NjAwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpBdE1EWXZNVEF4T1RJMEx6Z3hZakl4TlRNNFpEYzROREZtT0RKbVpqQXpOR014WXpGaE5tTXpZVEV6TG1wd1pXYyoud2VicA== HTTP 301
https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp

Request Chain 57

https://c.mgid.com/c?pv=2&v=0|0|0|ia6vp3Ovn4RuIj9O-TncKyEmrnDcXNoIp4D-3A2UspGaSHdZ9UF7oTYgfM6dhSKc&cid=218581&f=1&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=z3447639zb5295256bcNLcp2ph2020092101h&psid=1_3447639&cp=154&iub=aHR0cHM6Ly9zLWltZy5tZ2lkLmNvbS9nLzYyODgxMjgvMzI4eDMyOC8weDE1NXg5MDB4NjAwL2FIUjBjRG92TDJsdFoyaHZjM1J6TG1OdmJTOTBMekl3TWpBdE1EWXZNVEF4T1RJMEx6Z3hZakl4TlRNNFpEYzROREZtT0RKbVpqQXpOR014WXpGaE5tTXpZVEV6TG1wd1pXYyoud2VicA== HTTP 301
https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp

Request Chain 60

https://c.mgid.com/c?pv=2&v=0|0|0|luVX0r5tpmPzOMbbBh2Xc2CDeS3DuxXzKWxc2k6U09_Zsoyoyf6Rhah-kOvr9IHY&cid=949756&f=1&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=z3447639zb6445615bcNLcp2ph2020092101h&psid=3447639&cp=154&iub=aHR0cHM6Ly9zLWltZy5zdGVlcHRvLmNvbS9nLzUwOTc2NTkvMzI4eDMyOC84MngweDUzNXgzNTYvYUhSMGNEb3ZMMmx0WjJodmMzUnpMbU52YlM5MEx6SXdNakF0TURFdk1UQXhPVEkwTDJVNE5UQmtZemhsTWprMlpXVXhNbVV4TkRsbU16WXhPV0kxWWpKaE9USmtMbXB3WldjKi53ZWJw HTTP 301
https://s-img.steepto.com/g/5097659/328x328/82x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc%2A.webp

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 403 Primary Request the-tax-collector-file-mp4hd720p-free-download Show response
www.toevolution.com/blog/view/894543/ 16 KB
4 KB 878ms
855ms Document
text/html 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.4.10

Resource Hash

592f8ca99da1b18a1fedda39a386fbada9e215a375cb81891af4ed876d1e06a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.toevolution.com
:scheme: https
:path: /blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 403
date: Mon, 21 Sep 2020 06:00:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=dff2b7e37b0e16240ad397d6042b2716e1600668027; expires=Wed, 21-Oct-20 06:00:27 GMT; path=/; domain=.toevolution.com; HttpOnly; SameSite=Lax; Secure Elgg=fffa1d32a22a5ff1b45bda6a74811a0d; path=/
cache-control: must-revalidate, no-cache, no-store, private
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.10
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
vary: User-Agent
cf-cache-status: DYNAMIC
cf-request-id: 0550d8e17700003250f8243200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-content-type-options: nosniff
server: cloudflare
cf-ray: 5d6190e25c3e3250-FRA
content-encoding: br

GET
H2 200 aDgtqq6rbBDpmDObZnmYtgFHn7w.js Show response
www.toevolution.com/cdn-cgi/apps/head/ 5 KB
2 KB 13ms
12ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cdn-cgi/apps/head/aDgtqq6rbBDpmDObZnmYtgFHn7w.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e9596b8fbec17a2294b75548dd87ecc93b69a758ccca1f54fa582e15c7403e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2591
status: 200
content-type: application/javascript; charset=utf-8
x-amz-request-id: 73FA08E0D89D2BA5
x-amz-id-2: zPvaJoGop2+3wdUOCPdYCe8J+xvvzM1BfsU+TMcUVrAK2fYt/mhfQLpwxXJbizUYCTTGKTlRIVA=
last-modified: Tue, 05 Feb 2019 22:58:09 GMT
server: cloudflare
etag: W/"f3f9c138f6ed60e31821b5548263ba68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: Q7x8hr8RpBOgTqex_D3tWYKMKRXm4G7f
cache-control: public, max-age=31536000
cf-request-id: 0550d8e4d500003250f8270200000001
cf-ray: 5d6190e7bf013250-FRA

GET
H2 200 all.min.css
www.toevolution.com/cache/1598264439/default/font-awesome/css/ 67 KB
12 KB 14ms
14ms Stylesheet
text/css 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/font-awesome/css/all.min.css

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

436e0b6820ff2b48aa3a555c336ae543e19cb4a23f5e35f47d00b1e535f837b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
last-modified: Mon, 24 Aug 2020 10:20:41 GMT
server: cloudflare
age: 2591
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
status: 200
cache-control: max-age=31536000
cf-ray: 5d6190e7befc3250-FRA
cf-request-id: 0550d8e4d500003250f826d200000001
expires: Tue, 21 Sep 2021 05:17:17 GMT

GET
H2 200 elgg.css
www.toevolution.com/cache/1598264439/default/ 95 KB
17 KB 16ms
15ms Stylesheet
text/css 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg.css

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50a9e58c1e58d1e1a666f74052eca0d9feb7404e7f05e36ab58d0ea9b78ec758

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112462
cf-polished: origSize=97972
status: 200
cf-bgj: minify
cf-request-id: 0550d8e4d500003250f826e200000001
last-modified: Mon, 24 Aug 2020 10:20:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=31536000
cf-ray: 5d6190e7befe3250-FRA
expires: Sun, 19 Sep 2021 22:46:05 GMT

GET
H2 200 tagcolors.css
www.toevolution.com/cache/1598264439/default/tag_tools/ 0
179 B 14ms
13ms Stylesheet
text/css 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/tag_tools/tagcolors.css

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112463
status: 200
cf-bgj: minify
content-length: 0
cf-request-id: 0550d8e4d500003250f826f200000001
last-modified: Mon, 24 Aug 2020 10:20:41 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5d6190e7bf003250-FRA
expires: Sun, 19 Sep 2021 22:46:05 GMT

GET
H/1.1 200
OK 3447639 Show response
inpagepush.com/400/ 66 KB
24 KB 72ms
24ms Script
application/javascript 139.45.197.193
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/400/3447639

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.193 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

880793ff9e5f6fb59993dc15c94475e1229b796b99a0d570212cb942f64b76a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: 857e1dd661f50cbed2113c993c6e03bb
Pragma: no-cache
Date: Mon, 21 Sep 2020 06:00:28 GMT
Content-Encoding: gzip
Vary: Origin
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 27ms
9ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
vary: Accept-Encoding
last-modified: Mon, 14 Sep 2020 19:48:52 GMT
server: cloudflare
etag: W/"5f5fc924-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/javascript
status: 200
cache-control: max-age=172800, public
strict-transport-security: max-age=15780000; includeSubDomains
cf-ray: 5d6190e7fdb56497-FRA
cf-request-id: 0550d8e4fc000064973118c200000001
expires: Wed, 23 Sep 2020 06:00:28 GMT

GET
H2 200 bwjx6cCf0UsBKHZNBirdHFm-6hs.js Show response
www.toevolution.com/cdn-cgi/apps/body/ 3 KB
1 KB 14ms
13ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cdn-cgi/apps/body/bwjx6cCf0UsBKHZNBirdHFm-6hs.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cdn-cgi/apps/head/aDgtqq6rbBDpmDObZnmYtgFHn7w.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90dcd7cb81669cab02e1b699c1701811ec3d3c34aed9a73ca17ed526def5b9e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2590
status: 200
content-type: application/javascript; charset=utf-8
x-amz-request-id: 21B3558CB5AF411A
x-amz-id-2: W5LRBEcHHcPE7+90/AhBALdr0JUfDvxkiXBHYJUkqQbk6fzuxLBkgv8bIEkktSqELtLsJTObZUE=
last-modified: Tue, 05 Feb 2019 22:58:09 GMT
server: cloudflare
etag: W/"45c6918994b67eda9b34779d49aa4a70"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: yr.i_mjonWs.DDs6XM0pu8_TQ0oxV8To
cache-control: public, max-age=31536000
cf-request-id: 0550d8e4ea00003250f8272200000001
cf-ray: 5d6190e7df423250-FRA

GET
H2 200 fa-solid-900.woff2
www.toevolution.com/cache/1598264439/default/font-awesome/webfonts/ 78 KB
79 KB 14ms
14ms Font
font/woff2 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/font-awesome/webfonts/fa-solid-900.woff2

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/font-awesome/css/all.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44c895dc3c84cd73fbfed9ef0b67286949bd1017fd7d6313a28eb830fa1eb099

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.toevolution.com
Referer: https://www.toevolution.com/cache/1598264439/default/font-awesome/css/all.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 80710
status: 200
content-length: 80292
cf-request-id: 0550d8e51800003250f8275200000001
last-modified: Mon, 24 Aug 2020 10:20:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent, Accept-Encoding
content-type: font/woff2
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5d6190e82fe43250-FRA
expires: Mon, 20 Sep 2021 07:35:18 GMT

GET
H2 200 elgg.js Show response
www.toevolution.com/cache/1598264439/default/ 30 KB
9 KB 23ms
16ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adacf017b2895aaebcec95a9c0de31e8cde2044f6a0850940402befa0ed37459

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2590
status: 200
cf-bgj: minify
cf-request-id: 0550d8e5c100003250f827a200000001
last-modified: Mon, 24 Aug 2020 10:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190e93a413250-FRA
expires: Tue, 21 Sep 2021 05:17:18 GMT

GET
H2 200 require.js Show response
www.toevolution.com/cache/1598264439/default/ 26 KB
8 KB 25ms
19ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/require.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9685cb71997926787800eb8cc0b13873e0f39eb2a5e00a4005054480000dc27f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112448
status: 200
cf-bgj: minify
cf-request-id: 0550d8e5c100003250f827b200000001
last-modified: Mon, 24 Aug 2020 10:20:42 GMT
server: cloudflare
etag: W/"674c-5ad9cf0560eb9-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190e93a453250-FRA
expires: Sun, 19 Sep 2021 22:46:20 GMT

GET
H2 200 require_config.js Show response
www.toevolution.com/cache/1598264439/default/elgg/ 2 KB
520 B 27ms
21ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg/require_config.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d3cd8da1536efff04b27cabbc9c8c630c3722620010553382f5b1fbc3e773250

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112449
status: 200
cf-bgj: minify
cf-request-id: 0550d8e5c100003250f827c200000001
last-modified: Mon, 24 Aug 2020 10:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190e93a483250-FRA
expires: Sun, 19 Sep 2021 22:46:19 GMT

GET
H2 200 jquery-ui.js Show response
www.toevolution.com/cache/1598264439/default/ 235 KB
59 KB 31ms
26ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/jquery-ui.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfea2a8babd0fefc3646dd29df843cc33ffcaf5ee70d4549243945d7bb5e8aaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112450
cf-polished: origSize=240419
status: 200
cf-request-id: 0550d8e5c100003250f827d200000001
last-modified: Mon, 24 Aug 2020 10:20:43 GMT
server: cloudflare
etag: W/"3ab23-5ad9cf066d3b4-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
expires: Sun, 19 Sep 2021 22:46:17 GMT
cache-control: max-age=31536000
cf-ray: 5d6190e93a493250-FRA
cf-bgj: minify

GET
H2 200 jquery.js Show response
www.toevolution.com/cache/1598264439/default/ 84 KB
29 KB 23ms
18ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/jquery.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e409106a09c4676b55611bc757f5fb2d3e5bd92be5eefbfd53038d0283ef5137

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112452
cf-polished: origSize=85575
status: 200
cf-bgj: minify
cf-request-id: 0550d8e5c100003250f827e200000001
last-modified: Mon, 24 Aug 2020 10:20:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190e93a4a3250-FRA
expires: Sun, 19 Sep 2021 22:46:15 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 92 KB
33 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52d1c3420d829e2cd909d5c4d36f3c26fe3a43d9d70920ba78baca75d5c1e4d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33414
x-xss-protection: 0
server: cafe
etag: 5970072361107094441
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Sep 2020 06:00:28 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 126 KB
44 KB 27ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a074a6d2d17ecf7b60e756d6d8a0dd25c887218d8c5d57ed7a5d0542f4e696e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 44643
x-xss-protection: 0
server: cafe
etag: 868774179918436380
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 21 Sep 2020 06:00:28 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/ 228 KB
86 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9fe52e7c5fda1ea70e92ebfc4c92e9019fe84fbb2bf04c7f640d3f542acbe9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87806
x-xss-protection: 0
server: cafe
etag: 2647907595463875153
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Sep 2020 06:00:28 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200915/r20190131/ Frame 232F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200915/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Mon, 21 Sep 2020 02:45:13 GMT
expires: Mon, 05 Oct 2020 02:45:13 GMT
content-type: text/html; charset=UTF-8
etag: 17942277541989656716
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4728
x-xss-protection: 0
age: 11715
cache-control: public, max-age=1209600
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Sep 2020 01:50:37 GMT
server: Golfe2
age: 5791
date: Mon, 21 Sep 2020 04:23:57 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 21 Sep 2020 06:23:57 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1602039890&utmhn=www.toevolution.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890&slf_rd=1&random=1750965432

42 B
106 B

20ms
18ms

Image
image/gif

2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890&slf_rd=1&random=1750965432

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 06:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Sep 2020 06:00:28 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-96137069-1&cid=165041901.1600668028&jid=1311794159&_v=5.7.2&z=1602039890&slf_rd=1&random=1750965432
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 14ms
14ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.toevolution.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.toevolution.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1FD0 0
0 112ms
112ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4945646916149991&output=html&h=90&slotname=2446759661&adk=1425101374&adf=3281605397&w=728&lmt=1600668028&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&flash=0&wgl=1&dt=1600668028393&bpp=13&bdt=282&idt=71&shv=r20200915&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3821924500744&frm=20&pv=2&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=3121827&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=sHDLiRRtdK&p=https%3A//www.toevolution.com&dtd=86

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4945646916149991&output=html&h=90&slotname=2446759661&adk=1425101374&adf=3281605397&w=728&lmt=1600668028&guci=1.2.0.0.2.2.0.0&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&flash=0&wgl=1&dt=1600668028393&bpp=13&bdt=282&idt=71&shv=r20200915&cbv=r20190131&ptt=5&saldr=sa&abxe=1&correlator=3821924500744&frm=20&pv=2&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=3121827&dssz=17&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=1620&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=sHDLiRRtdK&p=https%3A//www.toevolution.com&dtd=86
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Sep 2020 06:00:28 GMT
server: cafe
content-length: 204
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 21-Sep-2020 06:15:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Sep 2020 06:00:28 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3aab305617162a2abd2300d0b9364f62cd3687d6fa5a8f8b854b76903d006b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1600429198305210"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27591
x-xss-protection: 0
expires: Mon, 21 Sep 2020 06:00:28 GMT

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 0E72 0
0 55ms
55ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4945646916149991&output=html&adk=1812271804&adf=3025194257&lmt=1600668028&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&ea=0&flash=0&pra=5&wgl=1&dt=1600668028414&bpp=3&bdt=304&idt=79&shv=r20200915&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=2446759661&nras=1&correlator=3821924500744&frm=20&pv=1&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=46041743&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4945646916149991&output=html&adk=1812271804&adf=3025194257&lmt=1600668028&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&ea=0&flash=0&pra=5&wgl=1&dt=1600668028414&bpp=3&bdt=304&idt=79&shv=r20200915&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_slotnames=2446759661&nras=1&correlator=3821924500744&frm=20&pv=1&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=46041743&dssz=19&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=82
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Sep 2020 06:00:28 GMT
server: cafe
content-length: 1116
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 21-Sep-2020 06:15:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Sep 2020 06:00:28 GMT
cache-control: private

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame C8A9 0
0 61ms
60ms Document
text/html 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4945646916149991&output=html&h=280&slotname=2446759661&adk=588137784&adf=1119259538&w=1200&fwrn=4&fwrnh=100&lmt=1600668028&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1600668028417&bpp=2&bdt=307&idt=94&shv=r20200915&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=2446759661&nras=1&correlator=3821924500744&frm=20&pv=1&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=184166975&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=176&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Kaxaz6DxFw&p=https%3A//www.toevolution.com&dtd=96

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-4945646916149991&output=html&h=280&slotname=2446759661&adk=588137784&adf=1119259538&w=1200&fwrn=4&fwrnh=100&lmt=1600668028&rafmt=1&psa=0&guci=1.2.0.0.2.2.0.0&format=1200x280&url=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1600668028417&bpp=2&bdt=307&idt=94&shv=r20200915&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&prev_slotnames=2446759661&nras=1&correlator=3821924500744&frm=20&pv=1&ga_vid=165041901.1600668028&ga_sid=1600668028&ga_hid=952479877&ga_fc=1&iag=0&icsg=184166975&dssz=20&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=176&ady=64&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530672%2C44726949%2C21066467&oid=3&pvsid=2737732175429838&pem=296&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Kaxaz6DxFw&p=https%3A//www.toevolution.com&dtd=96
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 21 Sep 2020 06:00:28 GMT
server: cafe
content-length: 205
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Mon, 21-Sep-2020 06:15:28 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Mon, 21 Sep 2020 06:00:28 GMT
cache-control: private

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 69ms
25ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cdn-cgi/apps/body/bwjx6cCf0UsBKHZNBirdHFm-6hs.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: "5ed917ff-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
status: 200
cache-control: public, max-age=600
date: Mon, 21 Sep 2020 06:00:28 GMT
x-host: s7.addthis.com
content-length: 116324

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 19ms
18ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200915&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c42be3beec1f849c89cb21a1f7f90f0535aef4872c2e625e2d90e101aa3b2dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6459
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200915/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 21 Sep 2020 06:00:28 GMT

GET
H2 200 sprintf.js Show response
www.toevolution.com/cache/1598264439/default/ 4 KB
2 KB 20ms
17ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/sprintf.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c4e37a0c21d62f398e74f51bb43925243989ce999112e5b05432a4ed0f69cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69200003250f8289200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8cfe3250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 en.js Show response
www.toevolution.com/cache/1598264439/default/languages/ 290 KB
68 KB 27ms
24ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/languages/en.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

16d3f39ae414acb8a973d916ca14ec27860cc8ec127a0cd017348c8319e53c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2589
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69300003250f828a200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
etag: W/"48886-5ad9cf09c530e-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8cff3250-FRA
expires: Tue, 21 Sep 2021 05:17:18 GMT

GET
H2 200 weakmap-polyfill.js Show response
www.toevolution.com/cache/1598264439/default/ 2 KB
801 B 17ms
15ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/weakmap-polyfill.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a5b6c32b9e157832ccd8b0a0c95d9c70a4d02b8b43f61b1882e61276c17ca76

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
cf-polished: origSize=1821
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69400003250f828b200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d013250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 formdata-polyfill.js Show response
www.toevolution.com/cache/1598264439/default/ 7 KB
3 KB 37ms
35ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/formdata-polyfill.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d838d6c6cffaf96d42b74392c1c8e1e8b5334b4ad764a3d8a0c2c6b09c82bdc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69400003250f828c200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d033250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 init.js Show response
www.toevolution.com/cache/1598264439/default/elgg/ 370 B
287 B 15ms
13ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg/init.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

487f18206030d1fbebf98ac1c361a551c8827a706e7078d97de0a33c3d73cc66

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69400003250f828d200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d043250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 ready.js Show response
www.toevolution.com/cache/1598264439/default/elgg/ 123 B
220 B 13ms
11ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg/ready.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cade73fe6c2d2b825e9e3be5136669c17f850775871a1c4a1079c45f385de5df

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69400003250f828e200000001
last-modified: Mon, 24 Aug 2020 10:20:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d063250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 lightbox.js Show response
www.toevolution.com/cache/1598264439/default/elgg/ 2 KB
764 B 15ms
13ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg/lightbox.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

428c9a893b8fd4c0b18cf78bc6204f842835539174d4e843b56298066546f32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69400003250f828f200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d093250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 market.js Show response
www.toevolution.com/cache/1598264439/default/ 1 KB
629 B 13ms
12ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/market.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e7d88eb88626835edd1bcae97cf09ac8e78c1bd3509a0c7ecb6dcb39f3c1ede

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69500003250f8290200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
etag: W/"54b-5ad9cf0997c7d-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d0a3250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 topbar.js Show response
www.toevolution.com/cache/1598264439/default/page/elements/ 175 B
195 B 15ms
14ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/page/elements/topbar.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

806aea0abbb66e2e857bd512c9dc033bb96044b1c5f411f7e043306d5b097fe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69500003250f8291200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d0b3250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H2 200 form.js Show response
www.toevolution.com/cache/1598264439/default/input/ 1014 B
507 B 13ms
13ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/input/form.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

879032f731358a9c8c7ca662e459f7feebd860a8f6d84f9de5602718e437514b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112446
status: 200
cf-bgj: minify
cf-request-id: 0550d8e69500003250f8292200000001
last-modified: Mon, 24 Aug 2020 10:20:46 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190ea8d0c3250-FRA
expires: Sun, 19 Sep 2021 22:46:22 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 5E2F 0
0 8ms
5ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Sun, 20 Sep 2020 23:24:27 GMT
expires: Mon, 20 Sep 2021 23:24:27 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23761
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Plugin.js Show response
www.toevolution.com/cache/1598264439/default/elgg/ 145 B
207 B 12ms
10ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg/Plugin.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

354a5e66fb8d1f10c8a72c071eaa8407ca52e9e897d4c1e5a31207f2f8d4393d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2589
status: 200
cf-bgj: minify
cf-request-id: 0550d8e6ac00003250f8293200000001
last-modified: Mon, 24 Aug 2020 10:20:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190eaad593250-FRA
expires: Tue, 21 Sep 2021 05:17:18 GMT

GET
H2 200 Ajax.js Show response
www.toevolution.com/cache/1598264439/default/elgg/ 5 KB
2 KB 16ms
11ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg/Ajax.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24732b4780e3ef2c85c31a07f63dd1d7af99ce4c6b91cd8a2e4869a8b9ab04b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112444
status: 200
cf-bgj: minify
cf-request-id: 0550d8e6b300003250f8294200000001
last-modified: Mon, 24 Aug 2020 10:20:47 GMT
server: cloudflare
etag: W/"1558-5ad9cf0a77a88-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190eabd663250-FRA
expires: Sun, 19 Sep 2021 22:46:24 GMT

GET
H2 200 jquery.colorbox.js Show response
www.toevolution.com/cache/1598264439/default/ 12 KB
4 KB 18ms
13ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/jquery.colorbox.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fe52d6649db2823d53160a37fe738693a7af742e5c0dc2adb91bb47aedea633d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112444
cf-polished: origSize=11960
status: 200
cf-request-id: 0550d8e6b300003250f8295200000001
last-modified: Mon, 24 Aug 2020 10:20:47 GMT
server: cloudflare
etag: W/"2eb8-5ad9cf0a7b138-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
expires: Sun, 19 Sep 2021 22:46:24 GMT
cache-control: max-age=31536000
cf-ray: 5d6190eabd683250-FRA
cf-bgj: minify

GET
H/1.1 200
OK gid.js Show response
my.rtmark.net/ 65 B
777 B 61ms
15ms XHR
application/json 139.45.195.41
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://my.rtmark.net/gid.js

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3447639

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.41 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

549d13c667ed6434a5e6abc07448cfa6646424148b22ec4ed01988376f5029a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 21 Sep 2020 06:00:28 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.toevolution.com
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 65

GET
H2 200 spinner.js Show response
www.toevolution.com/cache/1598264439/default/elgg/ 754 B
571 B 12ms
12ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/elgg/spinner.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17d3c3d8c6dc0e75d98a64a86d6abfe77cc3b3fd5eb4be9a94f83b8e6887b77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112443
status: 200
cf-bgj: minify
cf-request-id: 0550d8e6eb00003250f8299200000001
last-modified: Mon, 24 Aug 2020 10:20:48 GMT
server: cloudflare
etag: W/"2f2-5ad9cf0b46722-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190eb1e1a3250-FRA
expires: Sun, 19 Sep 2021 22:46:25 GMT

GET
H2 200 item_toggle.js Show response
www.toevolution.com/cache/1598264439/default/navigation/menu/elements/ 866 B
433 B 21ms
21ms Script
application/javascript 2606:4700:3032::681b:b760
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.toevolution.com/cache/1598264439/default/navigation/menu/elements/item_toggle.js

Requested by

Host: www.toevolution.com
URL: https://www.toevolution.com/cache/1598264439/default/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3032::681b:b760 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34517772bfc09ec838fdbbaee2a567363988b84673871d09b484a8e0eeffd3f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 112444
status: 200
cf-bgj: minify
cf-request-id: 0550d8e6f000003250f829a200000001
last-modified: Mon, 24 Aug 2020 10:20:48 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 5d6190eb1e2f3250-FRA
expires: Sun, 19 Sep 2021 22:46:24 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 65ms
22ms Script
application/x-javascript 23.210.250.213
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.250.213 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-213.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:28 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: DD7864003C5CA047
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
status: 200
cache-control: max-age=24355
accept-ranges: bytes
content-length: 948
x-amz-id-2: QZsv8He4gCAWkZyfO692XnPUzTy0s9bUu/LN+U2M09eNsTLXpPT9nNZ8h6o4U/DJ/GnpJJB2B54=

GET
H/1.1 200
OK 3447639 Show response
inpagepush.com/500/ 2 KB
2 KB 206ms
205ms XHR
application/javascript 139.45.197.193
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3447639?excludes=&oaid=7e9895e89b38415da6292e2cad1a33c4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3447639

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.193 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

08a5d202019ed36343e7226e644298e26f26671cb3dfde6f477284e7bcd62419

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 21 Sep 2020 06:00:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 03b0be7de30285fd152ff4cf5ebff204
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.toevolution.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3447639
inpagepush.com/500/ Frame 0
0 64ms
20ms Other 139.45.197.193
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.197.193 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.toevolution.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 21 Sep 2020 06:00:28 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.toevolution.com
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 165ms
163ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=5f68417c84aac623&bkl=0&bl=1&pdt=1294&sid=5f68417c84aac623&pub=&rev=v8.28.7-wp&ln=en&pc=men&cb=0&ab=-&dp=www.toevolution.com&fp=blog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1600668028698&addthis_plugin_info=%7B%22info_status%22%3A%22enabled%22%2C%22cms_name%22%3A%22CloudFlare%22%2C%22plugin_name%22%3A%22addthis-cloudflare-plugin%22%2C%22plugin_version%22%3A%221.0.0%22%2C%22plugin_mode%22%3A%22CloudFlare%22%7D&jsl=33&uvs=5f68417c5928052c000&skipb=1&callback=addthis.cbs.jsonp__62928208989923930
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4097696c6f5216c222aa5d230de18b7137d51b5e12a2d5a8385cc766975f1047

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 21 Sep 2020 06:00:28 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame CE19 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 0A4F 0
0 26ms
26ms Document
text/html 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

:method: GET
:authority: s7.addthis.com
:scheme: https
:path: /static/sh.f48a1a04fe8dbf021b4cda1d.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download

Response headers

status: 200
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 09 Sep 2019 15:34:57 GMT
etag: W/"5d767121-1115f"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 25412
date: Mon, 21 Sep 2020 06:00:28 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 layers.33f5b85045a5f2308467.js Show response
s7.addthis.com/static/ 263 KB
76 KB 23ms
23ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.33f5b85045a5f2308467.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Thu, 04 Jun 2020 15:49:19 GMT
server: nginx/1.15.8
etag: W/"5ed917ff-41b9f"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 21 Sep 2020 06:00:28 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77540

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
22 B 15ms
14ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200915&jk=2737732175429838&bg=!BgWlBR1YyHe7cdilKWcCAAAARlIAAAAaCgHofpvAi9rMDDMhk0EiFfuDjw0JJQNzkfMcMda-cVIrOSnP-JS10WFNqJnWKG2Il0s8W1aoLpjumOOVmPYIaJtJwGSkiF_bbi3xT7UV-iVXDoxe3ZaREEs1KZHbVfHJhoDFE3kKfyUgte_KLSPjJeIYw2nt8ld_Rh5U9rxj4NCj4tSC8jtG4ioUTF3Vyy0zqovcxLy8ZTJU5J_RW9v5tAQ5qUIh1cvW0CwtGjp3acvo4Y1umn9N8tT7hEjhogT3jT-OqISg6e4anKr9ihU3n8TXOjSAldqzM0uzlxoizKQo5ixN_mp-lG0Cwxc-roGLUknWzUFXw4CjATzqaerm3XfEpnnN3bQkcpwsYnPGX0jU7d602KESp0rS-nfaRTr10VMEFlsf6IT9dLhChZ2V5_CNpsgjeu5xQBUBnR5iuuxKlbKO_HyVl3icw3cZOYGYLU0ImrvdGVigxKNVvVS79zRJrnwuvc4kQZ0R34HJLH3QsvXm8dMMFUx1dt3Ek0v6RY5kUmOTjaGQeShKlE5P6wsyzj2geDp3vDHnqhBAJphyavq3BRL60wMRXFVnAXDROzrI8G5mjXl6FSh55h5WmYZ4zdMXkBqj7e-ksDnadNKJl_7Qg0LXd42XKUmDx52Y7rBpttUuFTmEAQOZAayH-AxBReve79mV8zFghfU_q67mua7l-0IHMzbQfVD6cPEIhq2OATOKTg5BDUqWsa4Jj9UilojTD4ttPq6eoQw4Tm0A9LnFhuJi3cu4zAMT9wcZacM5X66nLkTz3nRjmJh1W3ESxd_7zkUfXWdNBqrFZ0pQYVqPeR0AiN1v2CKs9zjXKQfoO1dlW_9sg9bOru848dccxlqaeJz1sA-CCAgg-ePQRmKU72ZiCgngeK7Bh_OFvxluGuQlRhlp-DYyHsd036VWD9Lyvw8IRdYrXSb76bjdDMIbF7qzFry2WxRhKwCp-HumJ57fgN42ycuWENn76f4P20IUulbkDNiDqKWvLYRXH8Ci7fkm0TUxOmOfjDTP8wKhsmof2QqUrMzwHY1VSxwyNJmJ3pns_EuoBF7vtwLrMMW59x4y-paUlOGEbTnziNDsAP31mkO4h_H3yUnqmgPINYsxajTKJ21EXrg8K6jTxHd7FBjOMKp0MODmIiZSOfvWTDQ-GSESEKxzHHr2kTfW-WX38DSr__x2LDpkkZMdzcPjOb0R0J_av63EmVb4ZmoWIWNywjtdeg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Sep 2020 06:00:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14.2dfb61b890959f78272d.js Show response
s7.addthis.com/static/ 397 B
544 B 24ms
24ms Script
application/javascript 23.210.248.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/14.2dfb61b890959f78272d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.210.248.44 , Netherlands, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-210-248-44.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 21 Jan 2020 20:57:37 GMT
server: nginx/1.15.8
etag: W/"5e2765c1-18d"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86313600
date: Mon, 21 Sep 2020 06:00:28 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 304

GET
DATA 200
OK truncated
/ 443 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp
s-img.mgid.com/g/6288128/328x328/0x155x900x600/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|ia6vp3Ovn4RuIj9O-TncKyEmrnDcXNoIp4D-3A2UspGaSHdZ9UF7oTYgfM6dhSKc&cid=218581&f=1&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=z3447639zb5295256bcNLcp2ph20200...
https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp

6 KB
6 KB

29ms
28ms

Image
image/webp

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7e90c25a8323b961edcf62a9f3d3f12f9f5fe4b8e8edb6f5a20ceb5ee8d19f

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:29 GMT
cf-cache-status: HIT
x-mg-request-uuid: 44d4c394-7a25-40bc-8f39-679aff7f1429
age: 6354310
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5688
cf-request-id: 0550d8e8dd00009bcde50f8200000001
last-modified: Thu, 09 Jul 2020 16:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d6190ee2ca79bcd-AMS

Redirect headers

pragma: no-cache
date: Mon, 21 Sep 2020 06:00:29 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: a3fbd965-188a-49be-8069-86f38691bea4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d6190ed4c739bcd-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0550d8e84f00009bcde50f4200000001
server: cloudflare

GET
H/1.1 200
OK 9ox8uowg7OBBfKYXoDRA3-JTM1I1AKhqLG96S30bjU8c0jVmj6mAL33f3UuS1mF5im9XTJ-GJ8vHrzKsQ3qUx_TnkF3Lzm_VFR2tJXBubsH6bCo4v0g1d7SZJOTmF-vYLH46-J9vr9Bfd31BFebFRDWKePV7MTltHfJLv4qxAQ-pevsBjAUpKpYPAMDNdjr3Oc7i9...
onstunkyr.com/impression/ 43 B
482 B 62ms
16ms Image
image/gif 139.45.195.176
RETN-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onstunkyr.com/impression/9ox8uowg7OBBfKYXoDRA3-JTM1I1AKhqLG96S30bjU8c0jVmj6mAL33f3UuS1mF5im9XTJ-GJ8vHrzKsQ3qUx_TnkF3Lzm_VFR2tJXBubsH6bCo4v0g1d7SZJOTmF-vYLH46-J9vr9Bfd31BFebFRDWKePV7MTltHfJLv4qxAQ-pevsBjAUpKpYPAMDNdjr3Oc7i9cVU0528TRACOuFDYikhpRkB7SuKMqoX0cqsqpZf95sR4HqyoZUock7BudZUDhzQrUKA99NRHEhe?z=3447639&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=6&pl=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.195.176 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Trace-Id: a73bbd7da4d381cc668eddea448e8fc3
Pragma: no-cache
Date: Mon, 21 Sep 2020 06:00:38 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Content-Type: image/gif
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Connection: keep-alive
Timing-Allow-Origin: *
Vary: Origin
Content-Length: 43
Expires: Wed, 31 Dec 1969 19:00:00 EST

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp
s-img.mgid.com/g/6288128/328x328/0x155x900x600/ Frame 379A
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|ia6vp3Ovn4RuIj9O-TncKyEmrnDcXNoIp4D-3A2UspGaSHdZ9UF7oTYgfM6dhSKc&cid=218581&f=1&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=z3447639zb5295256bcNLcp2ph20200...
https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp

6 KB
6 KB

24ms
23ms

Image
image/webp

104.19.136.78
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.136.78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a7e90c25a8323b961edcf62a9f3d3f12f9f5fe4b8e8edb6f5a20ceb5ee8d19f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: 44d4c394-7a25-40bc-8f39-679aff7f1429
age: 6354319
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5688
cf-request-id: 0550d90da700009bcde5175200000001
last-modified: Thu, 09 Jul 2020 16:55:06 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 5d6191290d5f9bcd-AMS

Redirect headers

pragma: no-cache
date: Mon, 21 Sep 2020 06:00:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 9c9d3672-a78c-4c9d-b18c-c10150fee270
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.mgid.com/g/6288128/328x328/0x155x900x600/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDYvMTAxOTI0LzgxYjIxNTM4ZDc4NDFmODJmZjAzNGMxYzFhNmMzYTEzLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d6191282d149bcd-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0550d90d1a00009bcde5173200000001
server: cloudflare

GET
H/1.1 200
OK 3447639 Show response
inpagepush.com/500/ 2 KB
2 KB 141ms
113ms XHR
application/javascript 139.45.197.193
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://inpagepush.com/500/3447639?excludes=5295256&oaid=7e9895e89b38415da6292e2cad1a33c4&fs=0&cf=0&sw=1600&sh=1200&sah=1200&wx=0&wy=0&ww=1600&wh=1200&cw=1600&wiw=1600&wih=1200&wfc=7&pl=https%3A%2F%2Fwww.toevolution.com%2Fblog%2Fview%2F894543%2Fthe-tax-collector-file-mp4hd720p-free-download&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false

Requested by

Host: inpagepush.com
URL: https://inpagepush.com/400/3447639

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

139.45.197.193 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

7041e393d6190c155b22922b652a689f4422af9f3f115d801c21a757d2a2f586

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 21 Sep 2020 06:00:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace-Id: 22e7df54cf2d270607df3c00dbfa857c
Pragma: no-cache
Server: nginx
Vary: Origin
Strict-Transport-Security: max-age=1
Content-Type: application/javascript
Access-Control-Allow-Origin: https://www.toevolution.com
Access-Control-Expose-Headers: Link
Cache-Control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Expires: Wed, 31 Dec 1969 19:00:00 EST

OPTIONS
H/1.1 200
OK 3447639
inpagepush.com/500/ Frame 0
0 43ms
15ms Other 139.45.197.193
RETN-AS

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Server

139.45.197.193 , Ascension Island, ASN9002 (RETN-AS, EU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.toevolution.com
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Mon, 21 Sep 2020 06:00:38 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: https://www.toevolution.com
Access-Control-Max-Age: 300
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
Strict-Transport-Security: max-age=1
X-Content-Type-Options: nosniff
Timing-Allow-Origin: *

GET
H2

200

aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc%2A.webp
s-img.steepto.com/g/5097659/328x328/82x0x535x356/
Redirect Chain

https://c.mgid.com/c?pv=2&v=0|0|0|luVX0r5tpmPzOMbbBh2Xc2CDeS3DuxXzKWxc2k6U09_Zsoyoyf6Rhah-kOvr9IHY&cid=949756&f=1&h2=rl8QvEJ67l_13_oANqpxM_N-fy5S3o8nVYjDcujLCRw*&rid=z3447639zb6445615bcNLcp2ph20200...
https://s-img.steepto.com/g/5097659/328x328/82x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc%2A.webp

27 KB
27 KB

56ms
22ms

Image
image/webp

104.19.137.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.steepto.com/g/5097659/328x328/82x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc%2A.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.137.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fdc7dfc05e1293f9c6d28dc5860668cb8da89961a622794cd1a38f5c4355063

Request headers

Referer: https://www.toevolution.com/blog/view/894543/the-tax-collector-file-mp4hd720p-free-download
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 21 Sep 2020 06:00:38 GMT
cf-cache-status: HIT
x-mg-request-uuid: c54052d9-9c03-4a44-a30b-27148bf65c94
age: 2945593
status: 200
content-length: 27280
cf-request-id: 0550d90f3c0000c765f0238200000001
last-modified: Tue, 18 Aug 2020 03:47:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5d61912b9853c765-AMS
expires: Tue, 21 Sep 2021 06:00:38 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Sep 2020 06:00:38 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 848aa4ad-c518-4267-a23b-9eb888772264
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 301
p3p: CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
location: https://s-img.steepto.com/g/5097659/328x328/82x0x535x356/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjAtMDEvMTAxOTI0L2U4NTBkYzhlMjk2ZWUxMmUxNDlmMzYxOWI1YjJhOTJkLmpwZWc%2A.webp
cache-control: max-age=0, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 5d61912a7db29bcd-AMS
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0550d90e8e00009bcde5177200000001
server: cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.toevolution.com/	1969-12-31 23:59:59	Name: Elgg Value: fffa1d32a22a5ff1b45bda6a74811a0d
			.toevolution.com/	1970-01-19 13:21:00	Name: __cfduid Value: dff2b7e37b0e16240ad397d6042b2716e1600668027

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
c.mgid.com
googleads.g.doubleclick.net
inpagepush.com
m.addthis.com
my.rtmark.net
onstunkyr.com
pagead2.googlesyndication.com
s-img.mgid.com
s-img.steepto.com
s7.addthis.com
ssl.google-analytics.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.google.de
www.googletagservices.com
www.toevolution.com
z.moatads.com
s7.addthis.com
104.19.136.78
104.19.137.80
139.45.195.176
139.45.195.41
139.45.197.193
23.210.248.44
23.210.250.213
2606:4700:3032::681b:b760
2606:4700::6810:a723
2a00:1450:4001:801::2002
2a00:1450:4001:806::2008
2a00:1450:4001:817::2001
2a00:1450:4001:818::2003
2a00:1450:4001:819::2004
2a00:1450:4001:81f::2002
2a00:1450:400c:c07::9a
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
08a5d202019ed36343e7226e644298e26f26671cb3dfde6f477284e7bcd62419
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
137e41c449677deb7c8da3afde63fc781b095bb028f78b789be44192e8e3f4be
16d3f39ae414acb8a973d916ca14ec27860cc8ec127a0cd017348c8319e53c10
17d3c3d8c6dc0e75d98a64a86d6abfe77cc3b3fd5eb4be9a94f83b8e6887b77d
24732b4780e3ef2c85c31a07f63dd1d7af99ce4c6b91cd8a2e4869a8b9ab04b0
2a074a6d2d17ecf7b60e756d6d8a0dd25c887218d8c5d57ed7a5d0542f4e696e
2a5b6c32b9e157832ccd8b0a0c95d9c70a4d02b8b43f61b1882e61276c17ca76
2e7d88eb88626835edd1bcae97cf09ac8e78c1bd3509a0c7ecb6dcb39f3c1ede
34517772bfc09ec838fdbbaee2a567363988b84673871d09b484a8e0eeffd3f6
354a5e66fb8d1f10c8a72c071eaa8407ca52e9e897d4c1e5a31207f2f8d4393d
3aab305617162a2abd2300d0b9364f62cd3687d6fa5a8f8b854b76903d006b25
4097696c6f5216c222aa5d230de18b7137d51b5e12a2d5a8385cc766975f1047
428c9a893b8fd4c0b18cf78bc6204f842835539174d4e843b56298066546f32f
436e0b6820ff2b48aa3a555c336ae543e19cb4a23f5e35f47d00b1e535f837b7
44c895dc3c84cd73fbfed9ef0b67286949bd1017fd7d6313a28eb830fa1eb099
487f18206030d1fbebf98ac1c361a551c8827a706e7078d97de0a33c3d73cc66
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fdc7dfc05e1293f9c6d28dc5860668cb8da89961a622794cd1a38f5c4355063
50a9e58c1e58d1e1a666f74052eca0d9feb7404e7f05e36ab58d0ea9b78ec758
52d1c3420d829e2cd909d5c4d36f3c26fe3a43d9d70920ba78baca75d5c1e4d3
549d13c667ed6434a5e6abc07448cfa6646424148b22ec4ed01988376f5029a1
5876d235b697479a9e5f476a33115aea1ddc21fd4b4740dd7180398c6224fdba
592f8ca99da1b18a1fedda39a386fbada9e215a375cb81891af4ed876d1e06a6
6070049215ef9b98d1b389d67963816172ff29513d34335c5061cd9619a3ea17
6c4e37a0c21d62f398e74f51bb43925243989ce999112e5b05432a4ed0f69cbf
7041e393d6190c155b22922b652a689f4422af9f3f115d801c21a757d2a2f586
76e9596b8fbec17a2294b75548dd87ecc93b69a758ccca1f54fa582e15c7403e
806aea0abbb66e2e857bd512c9dc033bb96044b1c5f411f7e043306d5b097fe2
879032f731358a9c8c7ca662e459f7feebd860a8f6d84f9de5602718e437514b
880793ff9e5f6fb59993dc15c94475e1229b796b99a0d570212cb942f64b76a3
90dcd7cb81669cab02e1b699c1701811ec3d3c34aed9a73ca17ed526def5b9e3
9685cb71997926787800eb8cc0b13873e0f39eb2a5e00a4005054480000dc27f
9a7e90c25a8323b961edcf62a9f3d3f12f9f5fe4b8e8edb6f5a20ceb5ee8d19f
9fe52e7c5fda1ea70e92ebfc4c92e9019fe84fbb2bf04c7f640d3f542acbe9a7
adacf017b2895aaebcec95a9c0de31e8cde2044f6a0850940402befa0ed37459
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bfea2a8babd0fefc3646dd29df843cc33ffcaf5ee70d4549243945d7bb5e8aaf
c42be3beec1f849c89cb21a1f7f90f0535aef4872c2e625e2d90e101aa3b2dfb
cade73fe6c2d2b825e9e3be5136669c17f850775871a1c4a1079c45f385de5df
d3cd8da1536efff04b27cabbc9c8c630c3722620010553382f5b1fbc3e773250
d838d6c6cffaf96d42b74392c1c8e1e8b5334b4ad764a3d8a0c2c6b09c82bdc4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409106a09c4676b55611bc757f5fb2d3e5bd92be5eefbfd53038d0283ef5137
eb12a261a24e54883613710a4c12f4d9205f634ca1a29d1df07f90105a93e746
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fe52d6649db2823d53160a37fe738693a7af742e5c0dc2adb91bb47aedea633d

www.toevolution.com Open in urlscan Pro 2606:4700:3032::681b:b760 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

61 Requests

98 %HTTPS

56 %IPv6

15 Domains

21 Subdomains

15 IPs

5 Countries

787 kBTransfer

2293 kBSize

2 Cookies

1 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.toevolution.com Open in urlscan Pro
2606:4700:3032::681b:b760 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

98 %
HTTPS

56 %
IPv6

15
Domains

21
Subdomains

15
IPs

5
Countries

787 kB
Transfer

2293 kB
Size

2
Cookies

61 HTTP transactions
1 data transactions