urlscan.io logo urlscan.io
SecurityTrails logo

www.partnertaxhub.com Open in urlscan Pro
107.154.80.177  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://partnertaxhub.com/
Effective URL: https://www.partnertaxhub.com/
Submission: On April 12 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 14 HTTP transactions. The main IP is 107.154.80.177, located in United States and belongs to INCAPSULA, US. The main domain is www.partnertaxhub.com. The Cisco Umbrella rank of the primary domain is 507367.
TLS certificate: Issued by Entrust Certification Authority - L1M on March 19th 2024. Valid for: a year.
This is the only time www.partnertaxhub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.60.100.177 19551 (INCAPSULA)
11 107.154.80.177 19551 (INCAPSULA)
1 2620:1ec:bdf::45 8075 (MICROSOFT...)
2 20.50.88.234 8075 (MICROSOFT...)
14 3
Apex Domain
Subdomains		 Transfer
12 partnertaxhub.com
partnertaxhub.com — Cisco Umbrella Rank: 505093
www.partnertaxhub.com — Cisco Umbrella Rank: 507367
3 MB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 728
200 B
1 azure.com
js.monitor.azure.com — Cisco Umbrella Rank: 670
57 KB
14 3
Domain Requested by
11 www.partnertaxhub.com www.partnertaxhub.com
2 dc.services.visualstudio.com js.monitor.azure.com
1 js.monitor.azure.com www.partnertaxhub.com
1 partnertaxhub.com 1 redirects
14 4

This site contains no links.

Subject Issuer Validity Valid
partnertaxhub.com
Entrust Certification Authority - L1M		 2024-03-19 -
2025-04-16		 a year crt.sh
js.monitor.azure.com
Microsoft Azure RSA TLS Issuing CA 07		 2024-03-18 -
2025-03-13		 a year crt.sh
prod.ai.ingestion.msftcloudes.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-04-10 -
2025-04-05		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.partnertaxhub.com/
Frame ID: 968679FAC7CF6005DF855050F214C511
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page Partner Hub

Page URL History Show full URLs

  1. http://partnertaxhub.com/ HTTP 307
    https://partnertaxhub.com/ HTTP 301
    https://www.partnertaxhub.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource

Page Statistics

14
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

3
IPs

2
Countries

2815 kB
Transfer

8321 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://partnertaxhub.com/ HTTP 307
    https://partnertaxhub.com/ HTTP 301
    https://www.partnertaxhub.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.partnertaxhub.com/
Redirect Chain
  • http://partnertaxhub.com/
  • https://partnertaxhub.com/
  • https://www.partnertaxhub.com/
11 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
713a64311b00051d6caebb97241f16dfcc66941738f4bc15cbb2485569477039
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
content-type
text/html; charset=utf-8
date
Fri, 12 Apr 2024 20:14:15 GMT
pragma
no-cache
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
None,Accept-Encoding
x-cdn
Imperva
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN SAMEORIGIN
x-iinfo
6-44683920-44683922 NNNN CT(88 176 0) RT(1712952854239 11) q(0 0 3 1) r(5 5) U24
x-xss-protection
1; mode=block

Redirect headers

content-length
0
location
https://www.partnertaxhub.com/
strict-transport-security
max-age=31536000; includeSubDomains
lib.min.css
www.partnertaxhub.com/core/lib/css/ 		825 KB
171 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/lib/css/lib.min.css?v=OcYt6nMHUkyHC39JvNeq9XnaxxeUPrwslnCJSeQ85xk
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
39c62dea7307524c870b7f49bcd7aaf579dac717943ebc2c96708949e43ce719
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Apr 2024 23:46:04 GMT
x-cdn
Imperva
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
etag
"1da86ea41706288"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
x-iinfo
6-44683920-44683922 PNNN RT(1712952854239 526) q(0 0 0 -1) r(5 6) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
client.min.css
www.partnertaxhub.com/core/dist/css/ 		177 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/dist/css/client.min.css?v=UeUlIQr_s6RzIaRwhQ6Lj5hrffuKidLwrCRIphxOCqc
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
51e525210affb3a47321a470850e8b8f986b7dfb8a89d2f0ac2448a61c4e0aa7
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Apr 2024 23:46:04 GMT
x-cdn
Imperva
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
etag
"1da86ea417e4538"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/css
x-iinfo
6-44683920-44683976 NNNN CT(87 87 0) RT(1712952854239 531) q(0 0 2 -1) r(5 6) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
lib.min.js
www.partnertaxhub.com/core/lib/js/ 		7 MB
2 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/lib/js/lib.min.js?v=Of0m1TvExff7IdWVcOykVCVkQH-gjVI31P_9PoJhXw8
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
39fd26d53bc4c5f7fb21d59570eca4542564407fa08d5237d4fffd3e82615f0f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Apr 2024 23:46:38 GMT
x-cdn
Imperva
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
etag
"1da86ea55aa113a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
x-iinfo
6-44683920-44683979 NNNN CT(88 176 0) RT(1712952854239 536) q(0 0 3 -1) r(26 27) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
global.min.js
www.partnertaxhub.com/core/dist/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/dist/js/global.min.js?v=REXsCCQLCiHxMK1zbg8pVeuv93t635N2NeMgZmmFdME
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
4445ec08240b0a21f130ad736e0f2955ebaff77b7adf937635e32066698574c1
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Apr 2024 23:46:04 GMT
x-cdn
Imperva
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
etag
"1da86ea417c16e0"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
x-iinfo
6-44683920-44683981 NNNN CT(86 87 0) RT(1712952854239 542) q(0 0 2 -1) r(4 4) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
modules.min.js
www.partnertaxhub.com/core/dist/js/ 		138 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/dist/js/modules.min.js?v=MNggWrYe0PmdWJcKRRE5DQUAF1ayE3qvEUQ_TqMeWfk
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
30d8205ab61ed0f99d58970a4511390d05001756b2137aaf11443f4ea31e59f9
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Apr 2024 23:46:04 GMT
x-cdn
Imperva
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
etag
"1da86ea417eaee9"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
x-iinfo
6-44683920-44683983 NNNN CT(89 176 0) RT(1712952854239 545) q(0 0 3 -1) r(5 6) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
survey-js-implementation.min.js
www.partnertaxhub.com/core/dist/js/ 		55 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/dist/js/survey-js-implementation.min.js?v=a98440xCIdhhtFUkRVQq57s-tglThBl-BoxJ_I72sRM
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
6bdf38e34c4221d861b4552445542ae7bb3eb6095384197e068c49fc8ef6b113
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Thu, 04 Apr 2024 23:46:06 GMT
x-cdn
Imperva
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
etag
"1da86ea42ad6f29"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
application/javascript
x-iinfo
6-44683920-44683985 NNNN CT(87 86 0) RT(1712952854239 547) q(0 0 2 -1) r(3 4) U24
accept-ranges
bytes
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
_Incapsula_Resource
www.partnertaxhub.com/ 		135 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=589913319
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
3a8b61c089732501ac28c4d7cccac0e721ace4cc772e2d920ebd587b2ab770da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
19507
content-type
application/javascript
ai.2.min.js
js.monitor.azure.com/scripts/b/ 		120 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.monitor.azure.com/scripts/b/ai.2.min.js
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bde9be4cbe799089a419225f87c2a9986043f6c7cb55853aaadab7200713f136

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Origin
https://www.partnertaxhub.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:16 GMT
content-encoding
br
last-modified
Wed, 20 Mar 2024 17:31:27 GMT
x-ms-meta-aijssdkver
2.8.18
vary
Accept-Encoding
x-azure-ref
20240412T201416Z-er166dfd566wgwx4kh6cwyp6uw00000000hg00000001s1n9
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
28428b9a-b01e-00cd-4e1a-8ac3d4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,x-ms-meta-aijssdksrc,x-ms-meta-aijssdkver,x-ms-meta-lastmodified,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800, immutable, no-transform
x-cache
TCP_HIT
x-ms-version
2009-09-19
x-ms-meta-aijssdksrc
[cdn]/scripts/b/ai.2.8.18.min.js
x-fd-int-roxy-purgeid
0
_Incapsula_Resource
www.partnertaxhub.com/ 		1 B
36 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.partnertaxhub.com/_Incapsula_Resource?SWKMTFSR=1&e=0.05326028495793289
Requested by
Host: www.partnertaxhub.com
URL: https://www.partnertaxhub.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
favicon.ico
www.partnertaxhub.com/core/dist/css/images/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/dist/css/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
last-modified
Thu, 04 Apr 2024 23:46:02 GMT
x-cdn
Imperva
etag
"1da86ea404b5c7e"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/x-icon
x-iinfo
6-44683920-44683979 PNNN RT(1712952854239 4707) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
content-length
1406
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962
track
dc.services.visualstudio.com/v2/ 		96 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: js.monitor.azure.com
URL: https://js.monitor.azure.com/scripts/b/ai.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
0dd0d0899e29f6f75b636ae6baf3f4bd720fd3562b559b9cddf9d664e3c3bbdf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-type
application/json
Referer
https://www.partnertaxhub.com/
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
strict-transport-security
max-age=31536000
date
Fri, 12 Apr 2024 20:14:19 GMT
x-content-type-options
nosniff
server
Microsoft-HTTPAPI/2.0
content-type
application/json; charset=utf-8
track
dc.services.visualstudio.com/v2/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
20.50.88.234 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-HTTPAPI/2.0 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.partnertaxhub.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Origin,X-Requested-With,Content-Name,Content-Type,Accept,Cache-Control,Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
date
Fri, 12 Apr 2024 20:14:19 GMT
server
Microsoft-HTTPAPI/2.0
strict-transport-security
max-age=31536000
favicon.ico
www.partnertaxhub.com/core/dist/css/images/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.partnertaxhub.com/core/dist/css/images/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.80.177 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.80.177.ip.incapdns.net
Software
/
Resource Hash
a9bc1ab7f7c0c6bc5d097050968993474e32346cffa537be1e0335a19645f12e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://www.partnertaxhub.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 12 Apr 2024 20:14:19 GMT
content-security-policy
default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';, default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
x-content-type-options
nosniff
last-modified
Thu, 04 Apr 2024 23:46:02 GMT
x-cdn
Imperva
etag
"1da86ea404b5c7e"
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
image/x-icon
x-iinfo
6-44683920-44683979 PNNN RT(1712952854239 4707) q(0 0 0 -1) r(1 1) U24
accept-ranges
bytes
content-length
1406
x-xss-protection
1; mode=block
request-context
appId=cid-v1:7a6af7cd-aba0-45b0-b0a2-55ad16563962

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| phux object| appInsights object| Microsoft object| __dynProto$Gbl function| setImmediate function| clearImmediate function| JSZip function| $ function| jQuery function| Cookies function| Fingerprint2 function| Cldr function| Globalize object| DevExpress object| powerbi object| powerbi-client object| _mlp boolean| userSettingsDialogInitialized object| _recaptcha object| commonConst object| common object| timeoutConst object| timeout object| _mobileElectionControl object| _d object| mlp function| getUrlParameter object| $w object| _w object| hiddenSectionArray object| dataPanelArray object| triggerButtonArray object| hiddenSOJArray object| triggerSelectArray boolean| copyFromPriorYear boolean| isSecondaryEntityTypeRequired boolean| isSubmitted boolean| sendEmails boolean| hasSecondEntityInfo object| multiselectHandlerHelperComposite object| compositeElectionsWizard object| $x object| _x object| hiddenSectionArrayWithholding object| dataPanelArrayWithholding object| triggerButtonArrayWithholding object| hiddenSOJArrayWithholding object| triggerSelectArrayWithholding boolean| copyFromPriorYearWithholding boolean| isSecondaryEntityTypeRequiredWithholding boolean| hasSecondEntityInfoWithholding object| multiselectHandlerHelper object| withholdingExemptionsWizard function| loadedResolve object| reportLoaded function| renderedResolve object| reportRendered function| embedPowerBIReport function| unembedPowerBIReport function| fullscreenPowerBIReport object| compositeElectionsModule object| composteMapModule object| withholdingExemptionsModule object| withholdingMapModule object| documentsGridModule object| formsGridModule object| documentsGridModalModule object| insightsModule object| Utilities object| HtmlFactory function| SessionData function| SurveyPanel function| SurveyDynamicPanel function| SurveySchema function| SurveyImplementation function| GridTiles function| Certification function| Step function| StepperManager boolean| isSimpleModule object| ptoModule

5 Cookies

Domain/Path Name / Value
www.partnertaxhub.com/ Name: .AspNetCore.Antiforgery.6Q6cB6mNWPY
Value: CfDJ8LBCGc32ehVEsfrsqeWm2ogWk02CsdVzp7h426PHR7KgZJpnnc1BuN96upLJ0xIOJ__lqLEss7soh9DKykXf3SHtEJzGUpZchyOVY3uGttEFXct0p0x01q-TCdNx7jjt7jDl-e_yeMbbXZKOrrYwUi4
www.partnertaxhub.com/ Name: visid_incap_1958215
Value: /gtquJiyR0udVBW/g+HNiBaWGWYAAAAAQUIPAAAAAACEJQXr5thsjpYoZ83IzG8l
www.partnertaxhub.com/ Name: incap_ses_727_1958215
Value: +64RVPCO2CrV1o5SqNIWChaWGWYAAAAAc3nBMKbp0ame392Jb8d3eg==
www.partnertaxhub.com/ Name: ai_user
Value: vPwaXTcfbzKrJQkJEpYxBE|2024-04-12T20:14:16.316Z
www.partnertaxhub.com/ Name: ai_session
Value: 0Rz6Fqs1WgVZMbRsxcsjkD|1712952859601|1712952859601

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline'; default-src * data: blob: filesystem: about: ws: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: 'unsafe-inline';
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block