www.fresh-tax-help.com Open in urlscan Pro
205.186.142.74 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://storage.googleapis.com/medya00/Ayb/DommAyb.html#r9346.php?32=1o166176671d8bdc9_1qp4.1pm4qwik.A013prj5vqa1sus7tc_8c2257....
Effective URL:
https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Submission: On October 26 via manual (October 26th 2021, 9:09:33 pm UTC) from US — Scanned from DE

Summary HTTP 63 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 22 domains to perform 63 HTTP transactions. The main IP is 205.186.142.74, located in Culver City, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is www.fresh-tax-help.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 15th 2020. Valid for: a year.

This is the only time www.fresh-tax-help.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	142.250.186.80 142.250.186.80	15169 (GOOGLE) (GOOGLE)
1 1	103.1.212.226 103.1.212.226	137409 (GSLNETWOR...) (GSLNETWORKS-AS-AP GSL Networks Pty LTD)
1	195.154.39.75 195.154.39.75	12876 (Online SAS) (Online SAS)
1 1	44.224.10.104 44.224.10.104	16509 (AMAZON-02) (AMAZON-02)
4	205.186.142.74 205.186.142.74	398110 (GO-DADDY-...) (GO-DADDY-COM-LLC)
2	104.18.11.207 104.18.11.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	18.64.84.227 18.64.84.227	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.170 142.250.185.170	15169 (GOOGLE) (GOOGLE)
1	104.16.18.94 104.16.18.94	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.177.62.4 54.177.62.4	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
3	18.133.97.68 18.133.97.68	16509 (AMAZON-02) (AMAZON-02)
4	142.250.186.78 142.250.186.78	15169 (GOOGLE) (GOOGLE)
6	34.96.102.137 34.96.102.137	15169 (GOOGLE) (GOOGLE)
1	18.66.2.17 18.66.2.17	16509 (AMAZON-02) (AMAZON-02)
1	172.217.23.104 172.217.23.104	15169 (GOOGLE) (GOOGLE)
2	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
1	18.66.9.137 18.66.9.137	16509 (AMAZON-02) (AMAZON-02)
1	18.66.2.48 18.66.2.48	16509 (AMAZON-02) (AMAZON-02)
1	13.225.87.70 13.225.87.70	16509 (AMAZON-02) (AMAZON-02)
1	74.125.133.155 74.125.133.155	15169 (GOOGLE) (GOOGLE)
7	34.205.104.175 34.205.104.175	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.185.228 142.250.185.228	15169 (GOOGLE) (GOOGLE)
1	54.153.116.161 54.153.116.161	16509 (AMAZON-02) (AMAZON-02)
2 3	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
1	52.92.160.121 52.92.160.121	16509 (AMAZON-02) (AMAZON-02)
1	18.64.79.50 18.64.79.50	16509 (AMAZON-02) (AMAZON-02)
1	18.66.9.224 18.66.9.224	16509 (AMAZON-02) (AMAZON-02)
1	52.200.177.220 52.200.177.220	14618 (AMAZON-AES) (AMAZON-AES)
63	27

1 142.250.186.80 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f16.1e100.net

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.1.212.226 (Australia) 1 redirects

ASN137409 (GSLNETWORKS-AS-AP GSL Networks Pty LTD, AU)
PTR: i-oxldon.info

i-oxldon.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.154.39.75 (France)

ASN12876 (Online SAS, FR)
PTR: 195-154-39-75.rev.poneytelecom.eu

forearmmurder.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.224.10.104 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-44-224-10-104.us-west-2.compute.amazonaws.com

fthmlf-trk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 205.186.142.74 (Culver City, United States)

ASN398110 (GO-DADDY-COM-LLC, US)
PTR: s828-5scj.accessdomain.com

www.fresh-tax-help.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.11.207 (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.64.84.227 (United States)

ASN16509 (AMAZON-02, US)

d3mo27ns5uxfyv.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.170 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.18.94 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.177.62.4 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-177-62-4.us-west-1.compute.amazonaws.com

widget.callerready.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.133.97.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.96.102.137 (United States)

ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com

dev.visualwebsiteoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.17 (United States)

ASN16509 (AMAZON-02, US)

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.104 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f104.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.9.137 (United States)

ASN16509 (AMAZON-02, US)

d1tprjo2w7krrh.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.2.48 (United States)

ASN16509 (AMAZON-02, US)

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.70 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-70.fra2.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f155.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.205.104.175 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-104-175.compute-1.amazonaws.com

create.leadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.153.116.161 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-153-116-161.us-west-1.compute.amazonaws.com

click.callerready.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.155.71.150 (Southampton, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-a.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.160.121 (Seattle, United States)

ASN16509 (AMAZON-02, US)

rg-clients.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.64.79.50 (United States)

ASN16509 (AMAZON-02, US)

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.9.224 (United States)

ASN16509 (AMAZON-02, US)

d2m2wsoho8qq12.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.200.177.220 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-200-177-220.compute-1.amazonaws.com

deviceid.trueleadid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	cloudfront.net d3mo27ns5uxfyv.cloudfront.net d1tprjo2w7krrh.cloudfront.net d2m2wsoho8qq12.cloudfront.net	469 KB
7	leadid.com create.leadid.com	2 KB
6	visualwebsiteoptimizer.com dev.visualwebsiteoptimizer.com	68 KB
4	google-analytics.com www.google-analytics.com	55 KB
4	anura.io script.anura.io ads.anura.io	18 KB
4	fresh-tax-help.com www.fresh-tax-help.com	73 KB
3	hotjar.com static.hotjar.com script.hotjar.com vars.hotjar.com	63 KB
3	googleapis.com storage.googleapis.com ajax.googleapis.com fonts.googleapis.com	36 KB
2	sitescout.com 1 redirects pixel.sitescout.com	606 B
2	gstatic.com fonts.gstatic.com	91 KB
2	callerready.com widget.callerready.com click.callerready.com	4 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	31 KB
1	trueleadid.com deviceid.trueleadid.com	2 KB
1	amazonaws.com rg-clients.s3.amazonaws.com	667 B
1	basis.net 1 redirects pixel-a.basis.net	67 B
1	google.com www.google.com	472 B
1	doubleclick.net stats.g.doubleclick.net	416 B
1	googletagmanager.com www.googletagmanager.com	37 KB
1	cloudflare.com cdnjs.cloudflare.com	7 KB
1	fthmlf-trk.com 1 redirects fthmlf-trk.com	775 B
1	forearmmurder.com forearmmurder.com	458 B
1	i-oxldon.info 1 redirects i-oxldon.info	417 B
63	22

	Domain	Requested by
16	d3mo27ns5uxfyv.cloudfront.net	www.fresh-tax-help.com d3mo27ns5uxfyv.cloudfront.net
7	create.leadid.com	d1tprjo2w7krrh.cloudfront.net deviceid.trueleadid.com
6	dev.visualwebsiteoptimizer.com	www.fresh-tax-help.com dev.visualwebsiteoptimizer.com
4	www.google-analytics.com	www.fresh-tax-help.com www.google-analytics.com
4	www.fresh-tax-help.com	forearmmurder.com www.fresh-tax-help.com
3	script.anura.io	www.fresh-tax-help.com script.anura.io
2	pixel.sitescout.com	1 redirects www.fresh-tax-help.com
2	fonts.gstatic.com	fonts.googleapis.com
2	maxcdn.bootstrapcdn.com	www.fresh-tax-help.com
1	deviceid.trueleadid.com	d2m2wsoho8qq12.cloudfront.net
1	d2m2wsoho8qq12.cloudfront.net	d1tprjo2w7krrh.cloudfront.net
1	vars.hotjar.com	static.hotjar.com
1	rg-clients.s3.amazonaws.com	www.fresh-tax-help.com
1	pixel-a.basis.net	1 redirects
1	click.callerready.com	ajax.googleapis.com
1	www.google.com	www.fresh-tax-help.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ads.anura.io	script.anura.io
1	script.hotjar.com	static.hotjar.com
1	d1tprjo2w7krrh.cloudfront.net	www.fresh-tax-help.com
1	www.googletagmanager.com	www.fresh-tax-help.com
1	static.hotjar.com	www.fresh-tax-help.com
1	fonts.googleapis.com	d3mo27ns5uxfyv.cloudfront.net
1	widget.callerready.com	www.fresh-tax-help.com
1	cdnjs.cloudflare.com	www.fresh-tax-help.com
1	ajax.googleapis.com	www.fresh-tax-help.com
1	fthmlf-trk.com	1 redirects
1	forearmmurder.com	storage.googleapis.com
1	i-oxldon.info	1 redirects
1	storage.googleapis.com
63	30

This site contains links to these domains. Also see Links.

Domain
www.optout-trk.info

Subject Issuer	Validity	Valid
*.storage.googleapis.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
forearmmurder.com Sectigo RSA Domain Validation Secure Server CA	`2021-01-04` - `2022-01-16`	a year	crt.sh
www.fresh-tax-help.com Go Daddy Secure Certificate Authority - G2	`2020-10-15` - `2021-11-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.callerready.com Go Daddy Secure Certificate Authority - G2	`2020-05-04` - `2022-05-04`	2 years	crt.sh
script.anura.io Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2	`2020-06-19` - `2022-07-06`	2 years	crt.sh
*.hotjar.com Amazon	`2020-12-25` - `2022-01-23`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
ads.anura.io Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
create.leadid.com Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-04` - `2021-12-27`	3 months	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
deviceid.trueleadid.com Amazon	`2021-02-06` - `2022-03-07`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Frame ID: 77B091F5033460DD5C949B403E51CA99
Requests: 59 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Frame ID: 99B34A8FBE56491CD65F3085207655A3
Requests: 1 HTTP requests in this frame

Frame: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5FF4FCDD-D7E5-071E-1618-F344F3659349&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Frame ID: 578F698BE120386BD3EDC5192C1F1A29
Requests: 1 HTTP requests in this frame

Frame: https://deviceid.trueleadid.com/iframe.html?token=5FF4FCDD-D7E5-071E-1618-F344F3659349&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Frame ID: 00034FCC29CBF8D0165745552F48979B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Solve your IRS Tax Problems

Page URL History Show full URLs

https://storage.googleapis.com/medya00/Ayb/DommAyb.html Page URL
http://i-oxldon.info/r9346.php?32=1o166176671d8bdc9_1qp4.1pm4qwik.A013prj5vqa1sus7tc_8c2257.j5vqa... HTTP 302
https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4... Page URL
https://fthmlf-trk.com/?a=230&oc=135&c=126&s1=690317&s2=Amoud_163avt0&s3=1200743601 HTTP 302
https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=69031... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

VWO (Analytics) Expand

Overall confidence: 100%
Detected patterns

dev\.visualwebsiteoptimizer\.com/?([\d.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

63
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

30
Subdomains

27
IPs

4
Countries

958 kB
Transfer

1976 kB
Size

24
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.optout-trk.info/o-qkvl-d21-316731a1907ef2c846e69841dc17fe58
Title: Unsubscribe

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://storage.googleapis.com/medya00/Ayb/DommAyb.html Page URL
http://i-oxldon.info/r9346.php?32=1o166176671d8bdc9_1qp4.1pm4qwik.A013prj5vqa1sus7tc_8c2257.j5vqaNHpvMm0zOG50cGFp0o4tXc HTTP 302
https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4%7C38ntpai%7C84052%7C013prj5vqa%7CA Page URL
https://fthmlf-trk.com/?a=230&oc=135&c=126&s1=690317&s2=Amoud_163avt0&s3=1200743601 HTTP 302
https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://i-oxldon.info/r9346.php?32=1o166176671d8bdc9_1qp4.1pm4qwik.A013prj5vqa1sus7tc_8c2257.j5vqaNHpvMm0zOG50cGFp0o4tXc HTTP 302
https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4%7C38ntpai%7C84052%7C013prj5vqa%7CA

Request Chain 49

https://pixel-a.basis.net/iap/0a88286ef7957d26 HTTP 301
https://pixel.sitescout.com/iap/0a88286ef7957d26 HTTP 302
https://pixel.sitescout.com/iap/0a88286ef7957d26?cookieQ=1

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 DommAyb.html
storage.googleapis.com/medya00/Ayb/ 100 B
679 B 29ms
7ms Document
text/html 142.250.186.80
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/medya00/Ayb/DommAyb.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.80 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f16.1e100.net
Software: UploadServer /
Resource Hash

Request headers

:method: GET
:authority: storage.googleapis.com
:scheme: https
:path: /medya00/Ayb/DommAyb.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

x-guploader-uploadid: ADPycduD92sS3hpgt6tPXTwqEKDL11AQHYY64wIQrBWsMsBbP5WOYOh-cP63NSTib83EGjZ9H4ozrAsZe7dsSz_g2gnApmiZ0A
expires: Tue, 26 Oct 2021 21:20:02 GMT
date: Tue, 26 Oct 2021 20:20:02 GMT
last-modified: Tue, 03 Aug 2021 10:59:12 GMT
etag: "89d0d3f2abffdb5aef48fdfdb6c7e473"
x-goog-generation: 1627988352327228
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 100
content-type: text/html
x-goog-hash: crc32c=oPyk7g== md5=idDT8qv/21rvSP39tsfkcw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 100
server: UploadServer
age: 2960
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

Cookie set _8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4%7C38ntpai%7C84052%7C013prj5vqa%7CA
forearmmurder.com/256c162bb782291000/Amoud_163avt0/
Redirect Chain

http://i-oxldon.info/r9346.php?32=1o166176671d8bdc9_1qp4.1pm4qwik.A013prj5vqa1sus7tc_8c2257.j5vqaNHpvMm0zOG50cGFp0o4tXc
https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4%7C38ntpai%7C84052%7C013prj5vqa%7CA

146 B
458 B

1064ms
301ms

Document
text/html

195.154.39.75
Online SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4%7C38ntpai%7C84052%7C013prj5vqa%7CA
Requested by: Host: storage.googleapis.com
URL: https://storage.googleapis.com/medya00/Ayb/DommAyb.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.154.39.75 , France, ASN12876 (Online SAS, FR),
Reverse DNS: 195-154-39-75.rev.poneytelecom.eu
Software: Apache /
Resource Hash

Request headers

Host: forearmmurder.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://storage.googleapis.com/medya00/Ayb/DommAyb.html#r9346.php?32=1o166176671d8bdc9_1qp4.1pm4qwik.A013prj5vqa1sus7tc_8c2257.j5vqaNHpvMm0zOG50cGFp0o4tXc

Response headers

Date: Tue, 26 Oct 2021 21:09:25 GMT
Server: Apache
Set-Cookie: uid9914=1200743601-20211026170925-d6a43fef8cbdfbc8a21c4de0e58d01e9-; domain=; expires=Thu, 25-Nov-2021 21:09:25 GMT; path=/; SameSite=None; Secure
Content-Length: 146
Connection: close
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Tue, 26 Oct 2021 21:09:23 GMT
Server
X-Frame-Options: SAMEORIGIN
Location: https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c|4zo2m|j5vqa|o166176671d8bdc9_1qp4|38ntpai|84052|013prj5vqa|A
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Length: 198
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1

200
OK

Primary Request

Cookie set fth.php Show response
www.fresh-tax-help.com/lf31/
Redirect Chain

https://fthmlf-trk.com/?a=230&oc=135&c=126&s1=690317&s2=Amoud_163avt0&s3=1200743601
https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

76 KB
21 KB

881ms
308ms

Document
text/html

205.186.142.74
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Requested by: Host: forearmmurder.com
URL: https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4%7C38ntpai%7C84052%7C013prj5vqa%7CA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.142.74 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS: s828-5scj.accessdomain.com
Software: nginx / PleskLin PleskLin
Resource Hash: a54989bb70916d7410386826b353b04c0dea9986eed4587d262a3e9cf355309d

Request headers

Host: www.fresh-tax-help.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://forearmmurder.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://forearmmurder.com/256c162bb782291000/Amoud_163avt0/_8c%7C4zo2m%7Cj5vqa%7Co166176671d8bdc9_1qp4%7C38ntpai%7C84052%7C013prj5vqa%7CA

Response headers

Server: nginx
Date: Tue, 26 Oct 2021 21:09:27 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 max-age=7200, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=efu82pbepsc44p8fujfi563lt4; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
X-Powered-By: PleskLin PleskLin

Redirect headers

Date: Tue, 26 Oct 2021 21:09:26 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 270
Cache-Control: private
Location: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie: sfd=cF3MpXms/m9IE75zWBU5WWRR9bG2Jpp5l6fdRTB84xP2am0jDRerjw==; domain=.fthmlf-trk.com; path=/; HttpOnly tym=LYlSGpu+Vq1IE75zWBU5WWRR9bG2Jpp5l6fdRTB84xP2am0jDRerjw==; domain=.fthmlf-trk.com; expires=Mon, 26-Oct-2026 14:09:26 GMT; path=/; HttpOnly c34=cF3MpXms/m8BDAp7laj0pBCu1+CqXKR4tOFoGlzWDdM=; domain=.fthmlf-trk.com; expires=Thu, 25-Nov-2021 21:09:26 GMT; path=/; HttpOnly

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/ 118 KB
21 KB 66ms
30ms Stylesheet
text/css 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Origin: https://www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601
age: 1736
cdn-cachedat: 08/04/2021 00:04:06
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cdn-proxyver: 1.0
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 0dd70db0fe49f68a196760a7bc1169b2
cf-ray: 6a46aa6d1ded4138-PRG
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 mainstyles.min.css
d3mo27ns5uxfyv.cloudfront.net/lf31/css/ 35 KB
6 KB 80ms
17ms Stylesheet
text/css 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/css/mainstyles.min.css
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: bb19d37f992f5dcddc13d3692d41399cf86ab9d575b324b8aa6d667acabb1526

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:11 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 12:46:45 GMT
server: nginx
age: 1302856
x-powered-by: PleskLin
etag: W/"60f57435-8a1f"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: c_FtsVHLTQhPtV1j73-fJK_SHyGwrbKmF4uxgQQJ8ltPXDAJw4SRzA==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 jquery-ui.min.css
d3mo27ns5uxfyv.cloudfront.net/lf31/css/ 30 KB
8 KB 81ms
19ms Stylesheet
text/css 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/css/jquery-ui.min.css
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d8a954a61020a5f26298a414f4ba3e0ef0d25cd98de2012014d5b01776fc5ceb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:11 GMT
content-encoding: gzip
last-modified: Fri, 20 Mar 2020 11:47:17 GMT
server: nginx
age: 1302856
x-powered-by: PleskLin
etag: W/"5e74ad45-77ad"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: lHGgfozbW-Yi4DsiO2edTxmoyqHav0QoNVXfzMFiVc7VjccsB1NbEg==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK anura.js Show response
www.fresh-tax-help.com/assets/js/ 3 KB
2 KB 104ms
104ms Script
text/javascript 205.186.142.74
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fresh-tax-help.com/assets/js/anura.js
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.142.74 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS: s828-5scj.accessdomain.com
Software: nginx / PleskLin
Resource Hash: 3d0c05d6e9f1a4db40ff449f8dfd19088d2f9639893f6895d45a523d7c725c71

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Cookie: PHPSESSID=efu82pbepsc44p8fujfi563lt4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 21:09:27 GMT
Content-Encoding: gzip
ETag: W/"6048c08f-d33"
Last-Modified: Wed, 10 Mar 2021 12:50:23 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=290304000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 logo.jpg
d3mo27ns5uxfyv.cloudfront.net/lf31/images/ 7 KB
7 KB 42ms
37ms Image
image/jpeg 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/images/logo.jpg
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 699c9b043f0c1b8356c54a17ac69d2900f6277a0ca2a1813feac43fa264655dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:12 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "5e6f8317-1a5d"
last-modified: Mon, 16 Mar 2020 13:45:59 GMT
server: nginx
age: 1302855
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 6749
x-amz-cf-id: d9kwtTH58I3xXHFehAwSIMcEM-CzpX2Azb5ZotI3x4mhon41DWdFFg==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 call-icon.png
d3mo27ns5uxfyv.cloudfront.net/lf31/images/ 1 KB
1 KB 41ms
37ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/images/call-icon.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 5373e91d74457da7a37971413eba37e02861d5456ecd1e59b79867a87dc69470

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:12 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "5e6f82ff-40b"
last-modified: Mon, 16 Mar 2020 13:45:35 GMT
server: nginx
age: 1302855
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 1035
x-amz-cf-id: C_wFhnqcAMtiwV61JWngb0_mYgd_zwHdN1D1cQWRqvFF4KSOTE1uoA==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 privacy-icon.png
d3mo27ns5uxfyv.cloudfront.net/lf31/images/ 240 B
671 B 42ms
38ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/images/privacy-icon.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin, PleskLin
Resource Hash: 01b339b678ceee0f09250d8bc5df75b58e3d5cb0cd897f88f154ba3cae6424ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 08:53:42 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
age: 1340145
x-powered-by: PleskLin, PleskLin
x-cache: Hit from cloudfront
content-length: 240
last-modified: Mon, 16 Mar 2020 13:46:28 GMT
server: nginx
etag: "202412-f0-5a0f90bcb5f56"
content-type: image/png
x-accel-version: 0.01
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
x-amz-cf-id: mdub9yBjKiSO00QdgiIMTx99gAAMbSXDtGpJzCkVJ72YtEZIqlsdDw==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 interested2.png
d3mo27ns5uxfyv.cloudfront.net/lf1/images/ 883 B
1 KB 42ms
38ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf1/images/interested2.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin, PleskLin
Resource Hash: 04b0cbdf6979f4df4fffd5f9f89ba200fb531000bb5280eaae526c42c435bec3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 23:05:50 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
age: 1375417
x-powered-by: PleskLin, PleskLin
x-cache: Hit from cloudfront
content-length: 883
last-modified: Mon, 11 Sep 2017 06:01:16 GMT
server: nginx
etag: "144b55-373-558e3a79de7a9"
content-type: image/png
x-accel-version: 0.01
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
x-amz-cf-id: OsKjjhwEGPC3SHBTWMIkoujPIAoNrImifOuBWiiQ8NpI8tojFDJ-Kg==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 interested3.png
d3mo27ns5uxfyv.cloudfront.net/lf1/images/ 3 KB
3 KB 43ms
40ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf1/images/interested3.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c3d3c6235530256fd91aa2f86a8589d3e9ca78805d87ee90248a06644bcd4243

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 23:05:50 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "59b626ac-c06"
last-modified: Mon, 11 Sep 2017 06:01:16 GMT
server: nginx
age: 1375417
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 3078
x-amz-cf-id: r2QY_pf3MxTtnZF3W4oXGNUFEP9522Wj_2F14gG7dhLGRtnzYJUiQQ==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 interested4.png
d3mo27ns5uxfyv.cloudfront.net/lf1/images/ 1 KB
2 KB 43ms
39ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf1/images/interested4.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 76713530c4e90ba3b4a9118a7b10808d9eb43685aee7e9c00cdadb9c4293222a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 14:58:26 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "59b626ad-4e3"
last-modified: Mon, 11 Sep 2017 06:01:17 GMT
server: nginx
age: 1923061
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 1251
x-amz-cf-id: ey1xGpcRV4pkwH8jGo1JCM3Z3Zca_yIJzx-HBZL6pC2v2SyrHt6SXw==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 interested1.png
d3mo27ns5uxfyv.cloudfront.net/lf1/images/ 2 KB
2 KB 42ms
39ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf1/images/interested1.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: da117ccecdb0108176c78aa06522f98ffd350a65b039b436a2d81e354eb16d60

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 23:05:50 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "59b626ac-6a3"
last-modified: Mon, 11 Sep 2017 06:01:16 GMT
server: nginx
age: 1375417
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 1699
x-amz-cf-id: yVMLx1uBJM_39gXyjrShSaQUeV4-6JnZqs-YwU-81y2BCrxxWzt1Vg==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 tax.png
d3mo27ns5uxfyv.cloudfront.net/lf1/images/ 12 KB
12 KB 44ms
41ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf1/images/tax.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 3a41fc34b77adc60eb5e70ae86e0b48b7e19ec460b6fb1b04433b88bb402270b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 10 Oct 2021 23:10:57 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "6149ca1a-2f2c"
last-modified: Tue, 21 Sep 2021 12:03:38 GMT
server: nginx
age: 1375110
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 12076
x-amz-cf-id: 1bjkpihH-BpGjtoCHPKMGWElazyp9i5VebW5qHb1_Bx0ynu-M2w7Vw==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 woman.png
d3mo27ns5uxfyv.cloudfront.net/lf31/images/ 176 KB
177 KB 95ms
92ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/images/woman.png
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9befd10497945a6b8ac86bc203ae124f70516ce206ce4efde14cf68d396ca634

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 08:27:11 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "5e6f8346-2c07d"
last-modified: Mon, 16 Mar 2020 13:46:46 GMT
server: nginx
age: 132136
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 180349
x-amz-cf-id: D3dcGvw-cM-7zK_Lk_vPLWmkgEdEe1lKfn_1DhlbIoOH70MTMmMMJA==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 31ms
7ms Script
text/javascript 142.250.185.170
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.170 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f10.1e100.net

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 17:33:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12930
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 26 Oct 2022 17:33:57 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/ 36 KB
10 KB 24ms
23ms Script
application/javascript 104.18.11.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/js/bootstrap.min.js

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.11.207 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Origin: https://www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 722, 617, 617, 617
age: 1736
cdn-cachedat: 2021-07-24 16:51:28
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 9276cac02a5c4dc9958f2c69522d6d66
cf-ray: 6a46aa6daeb54138-PRG
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK please_wait.gif
www.fresh-tax-help.com/lf31/images/ 48 KB
48 KB 196ms
194ms Image
image/gif 205.186.142.74
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fresh-tax-help.com/lf31/images/please_wait.gif
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.142.74 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS: s828-5scj.accessdomain.com
Software: nginx / PleskLin
Resource Hash: 9090cdece60946d0d2a27020967d395d313fe21201060a1688903bc8c48ef511

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Cookie: PHPSESSID=efu82pbepsc44p8fujfi563lt4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 21:09:27 GMT
ETag: "5e6f8333-bece"
Last-Modified: Mon, 16 Mar 2020 13:46:27 GMT
Server: nginx
X-Powered-By: PleskLin
Content-Type: image/gif
Cache-Control: max-age=290304000, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 48846
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H/1.1 200
OK jquery.maskedinput.min.js Show response
www.fresh-tax-help.com/assets/js/ 3 KB
2 KB 105ms
104ms Script
text/javascript 205.186.142.74
GO-DADDY-COM-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fresh-tax-help.com/assets/js/jquery.maskedinput.min.js
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 205.186.142.74 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS: s828-5scj.accessdomain.com
Software: nginx / PleskLin
Resource Hash: f7f480e008e61f1d28d9c096d9cf3095d11b1fd5a5603db6e6c5a21898c07d4a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Cookie: PHPSESSID=efu82pbepsc44p8fujfi563lt4
Connection: keep-alive
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 21:09:27 GMT
Content-Encoding: gzip
ETag: W/"5e74b687-d26"
Last-Modified: Fri, 20 Mar 2020 12:26:47 GMT
Server: nginx
X-Powered-By: PleskLin
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=290304000, public
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 jquery.validate.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/ 22 KB
7 KB 62ms
24ms Script
application/javascript 104.16.18.94
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-validate/1.15.0/jquery.validate.min.js

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.18.94 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1650112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6511
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:46 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec2-58a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N2azKP3TM51X5B4qdL3ShAv4mr6BJFBEXhQi4fIO0ekzZkrbanvBOOCRjtZMWlWOUH7RigsS6%2FdN865vXVSrMikMlRw8CQGUh8BMBmqEZKUrB6b2OVHuDXSWlqjrJpI0y7kMewKh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6a46aa6def554138-PRG
expires: Sun, 16 Oct 2022 21:09:27 GMT

GET
H2 200 jquery-ui.js Show response
d3mo27ns5uxfyv.cloudfront.net/lf31/js/ 246 KB
66 KB 25ms
20ms Script
text/javascript 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/js/jquery-ui.js
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a98ebbb3ce6ec73bda1a44f458d5f51097884abc6b9e862b40b1d92df7cf80c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Mar 2020 11:47:24 GMT
server: nginx
age: 1302855
x-powered-by: PleskLin
etag: W/"5e74ad4c-3d708"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: kAkqlmPMX1ef4RfvC476H2B4wyeYkirOR0xWfZQbj5X2NnB_YY3Oxg==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 jquery.ui.touch-punch.js Show response
d3mo27ns5uxfyv.cloudfront.net/lf31/js/ 5 KB
2 KB 40ms
36ms Script
text/javascript 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/js/jquery.ui.touch-punch.js
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: de95e51deb4921104e1d5c351e74408b9f0085ff37576c0edfd77e5851db0c15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:12 GMT
content-encoding: gzip
last-modified: Mon, 16 Mar 2020 13:47:00 GMT
server: nginx
age: 1302855
x-powered-by: PleskLin
etag: W/"5e6f8354-1485"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: fTtf9R2OHuewQuTtmo-_d8mTToOOT66SBNcHFagvRgOSmz5zcRB9Mg==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 main.min.js Show response
d3mo27ns5uxfyv.cloudfront.net/lf31/js/ 4 KB
2 KB 41ms
36ms Script
text/javascript 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/js/main.min.js
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 458859c09dede653365b7dd2b3cc8b52d6461e9364ead7ef7cd6374a7cb8a97a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:12 GMT
content-encoding: gzip
last-modified: Wed, 16 Jun 2021 14:39:46 GMT
server: nginx
age: 1302855
x-powered-by: PleskLin
etag: W/"60ca0d32-f00"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: rNS95-0JhdxxItFQ8mniIyeA8ndHNHWXRbUEtsx159-ugc3quzmvcg==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 crringpool.js Show response
widget.callerready.com/include/scripts/ 10 KB
4 KB 561ms
165ms Script
application/javascript 54.177.62.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.callerready.com/include/scripts/crringpool.js
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.177.62.4 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-177-62-4.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 069aaa6bd5a2e9ecd055763c6dcbc7b07ce47499346d211a6828b0e580077ee4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: gzip
etag: "07a7971ee56d61:0"
last-modified: Fri, 10 Jul 2020 19:15:16 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 3085

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 38ms
17ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700italic,700,600italic,600,300,300italic,800,800italic

Requested by

Host: d3mo27ns5uxfyv.cloudfront.net
URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/css/mainstyles.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

b6f1b4ee4ab7166896918e1fbf1c69d351a5d374505dc7dfb9ffcc8610a236cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d3mo27ns5uxfyv.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 21:09:27 GMT
server: ESF
date: Tue, 26 Oct 2021 21:09:27 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Tue, 26 Oct 2021 21:09:27 GMT

GET
H2 200 request.js Show response
script.anura.io/ 47 KB
17 KB 131ms
74ms Script
application/javascript 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=1318140945&source=230&campaign=690317&callback=optionalCallbackFunction&290715462423

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/assets/js/anura.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

afd29ee98411837f24cf162dbc4eb26f6c1ccea5e812572655609da2ed1e0469

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
12ms Script
text/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 19 Oct 2021 16:47:48 GMT
server: Golfe2
age: 4101
date: Tue, 26 Oct 2021 20:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 19887
expires: Tue, 26 Oct 2021 22:01:06 GMT

GET
H2 200 j.php Show response
dev.visualwebsiteoptimizer.com/ 7 KB
3 KB 58ms
22ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/j.php?a=97242&u=https%3A%2F%2Fwww.fresh-tax-help.com%2Flf31%2Ffth.php%3Freqid%3D21142334%26affid%3D230%26a%3D230%26cpAFID%3D230%26cpSID%3D690317%26s1%3D690317%26cpSID2%3DAmoud_163avt0&f=1&r=0.5981375011804226
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 35146b3977e9afd7995d9dfe75ec0fb558b2b91ff785aeb5e7bfaa03c3908fcf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 26 Oct 2021 21:09:26 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H2 200 hotjar-654147.js Show response
static.hotjar.com/c/ 4 KB
2 KB 105ms
60ms Script
application/javascript 18.66.2.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-654147.js?sv=6

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.17 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

4b5b3e42bbc834e0d006a1174c0807ce3788ef230827f78173aa0873b916c924

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: TXL50-P1
etag: W/4f5a22fb74a684eeed1dc813ac2f1d3b
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
content-length: 1906
via: 1.1 cf058b286fa80390c08073fa68269f13.cloudfront.net (CloudFront)
x-amz-cf-id: GJwQ1PcbhFe_6JYuOE2dVxcsUaQL9q78LFx3EdmxdfWyilmdsUZ_7Q==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 95 KB
37 KB 54ms
31ms Script
application/javascript 172.217.23.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N63X54R

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f104.1e100.net

Software

Google Tag Manager /

Resource Hash

d48627280342865619f609659c4a2cd8486b4105d4150cafa491da1eb3ae971f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 37618
x-xss-protection: 0
expires: Tue, 26 Oct 2021 21:09:27 GMT

GET
H2 200 arrow.png
d3mo27ns5uxfyv.cloudfront.net/lf31/images/ 3 KB
3 KB 57ms
57ms Image
image/png 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/images/arrow.png
Requested by: Host: d3mo27ns5uxfyv.cloudfront.net
URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/css/mainstyles.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a4643549cb365288c5e9c72eeae214c91eeeb86e913149b310826850015994a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d3mo27ns5uxfyv.cloudfront.net/lf31/css/mainstyles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 12:07:29 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "5e6f82fa-b9f"
last-modified: Mon, 16 Mar 2020 13:45:30 GMT
server: nginx
age: 32518
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 2975
x-amz-cf-id: B6tdaXSO9aWOZ79QeWtRQBy55uskNs_Z3mtnRF9XaJc9KxkzJBpF1A==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 truth.jpg
d3mo27ns5uxfyv.cloudfront.net/lf31/images/ 49 KB
50 KB 42ms
42ms Image
image/jpeg 18.64.84.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/images/truth.jpg
Requested by: Host: d3mo27ns5uxfyv.cloudfront.net
URL: https://d3mo27ns5uxfyv.cloudfront.net/lf31/css/mainstyles.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.84.227 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 7591bf37242303d9027dff75c30916647ff0cd27d227d49627ad43b3fedb203e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d3mo27ns5uxfyv.cloudfront.net/lf31/css/mainstyles.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 19:15:12 GMT
via: 1.1 546493e65fbc99643335c1707e70220e.cloudfront.net (CloudFront)
etag: "5e6f833f-c5c0"
last-modified: Mon, 16 Mar 2020 13:46:39 GMT
server: nginx
age: 1302855
x-powered-by: PleskLin
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=290304000, public
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
content-length: 50624
x-amz-cf-id: 9HRK2Y5OPtswo_kXaFrjBFbNKW92fRWVJ0n8NH58F1WeOUcuG3tTcA==
expires: Thu, 15 Apr 2010 20:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v26/ 44 KB
44 KB 36ms
15ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700italic,700,600italic,600,300,300italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 17:04:31 GMT
x-content-type-options: nosniff
age: 446696
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 44760
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:50:17 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 21 Oct 2022 17:04:31 GMT

GET
H2 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v26/ 47 KB
47 KB 28ms
7ms Font
font/woff2 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v26/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700italic,700,600italic,600,300,300italic,800,800italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 22 Oct 2021 06:51:05 GMT
x-content-type-options: nosniff
age: 397102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 47804
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 16:51:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 22 Oct 2022 06:51:05 GMT

GET
H3 200 va-9d6ac57dbcbba3321dd904e6ee78b647.js Show response
dev.visualwebsiteoptimizer.com/7.0/ 217 KB
62 KB 21ms
12ms Script
text/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/j.php?a=97242&u=https%3A%2F%2Fwww.fresh-tax-help.com%2Flf31%2Ffth.php%3Freqid%3D21142334%26affid%3D230%26a%3D230%26cpAFID%3D230%26cpSID%3D690317%26s1%3D690317%26cpSID2%3DAmoud_163avt0&f=1&r=0.5981375011804226
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: dd4dc0d0d19c59a7ef68a83124d01df543c44d270327ba5b5ed3caed87d10681

Request headers

Referer: https://www.fresh-tax-help.com/
Origin: https://www.fresh-tax-help.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:26 GMT
content-encoding: br
last-modified: Tue, 26 Oct 2021 06:19:50 GMT
server: gfra1
etag: "61779e06-f789"
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63369
via: 1.1 google

GET
H3 200 v.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 102ms
94ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/v.gif?cd=0&a=97242&d=fresh-tax-help.com&u=D830D28CEF5B6A603B3C67FFDE6683324&h=cd8c7025f25fcec58e53c9151a847df5&t=false&r=0.4492335306520614

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 45ms
30ms Script
application/javascript 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PZJ6XZM&cid=1886935209.1635282567

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Google Tag Manager /

Resource Hash

e136ce0e6fc37cc74ff641ab771c5a6d123b223c78189661fc7948ffe323a75e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35718
x-xss-protection: 0
expires: Tue, 26 Oct 2021 21:09:27 GMT

GET
H/1.1 200
OK 583e8030-6ca1-2387-f3d7-11eedb8c4896.js Show response
d1tprjo2w7krrh.cloudfront.net/campaign/ 123 KB
124 KB 121ms
79ms Script
text/javascript 18.66.9.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.9.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb2cb18685d3a04ad83120d55795bfafa01fa6063b73d6af0b05eaecd292792d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: i768qhIcA1_N_ha8IahtvwiarOxdSl6E
Via: 1.1 634cb8ef257d85d9d03b5a4d492df944.cloudfront.net (CloudFront)
ETag: "7bbde599f9533a5c5ce5bdbd44ec862e"
Age: 1735
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 126350
Last-Modified: Mon, 24 May 2021 14:24:46 GMT
Server: AmazonS3
Date: Tue, 26 Oct 2021 20:40:33 GMT
Content-Type: text/javascript
Cache-Control: max-age=1800
X-Amz-Cf-Pop: TXL50-P1
Accept-Ranges: bytes
X-Amz-Cf-Id: 9N76M4K5pMDvQZKLxMcBjwiamRaqDrccO25Hwg0u8vO9Qy-KsYbpfQ==

POST
H3 200 l.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 95ms
95ms Ping
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dev.visualwebsiteoptimizer.com/l.gif?experiment_id=181&account_id=97242&cu=https%3A%2F%2Fwww.fresh-tax-help.com%2Flf31%2Ffth.php%3Freqid%3D21142334%26affid%3D230%26a%3D230%26cpAFID%3D230%26cpSID%3D690317%26s1%3D690317%26cpSID2%3DAmoud_163avt0&combination=2&s=1&u=D830D28CEF5B6A603B3C67FFDE6683324&vn=7.0.170&vns=undefined&vno=undefined&_ru=https%3A%2F%2Fforearmmurder.com%2F&eTime=1635282566460&random=0.6206445409076824

Requested by

Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 modules.bff3b8d60820fc90decc.js Show response
script.hotjar.com/ 222 KB
59 KB 56ms
19ms Script
application/javascript 18.66.2.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.bff3b8d60820fc90decc.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-654147.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.2.48 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

da4c70755f82ff615c0fd3cad94bf62b19a9d5c25ab87268097eaa9609098bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 21 Oct 2021 13:21:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 460101
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 59887
access-control-allow-origin: *
last-modified: Thu, 21 Oct 2021 13:20:57 GMT
etag: "e6ca8fed932ccfd7b742e0e3ecb6d422"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 7b78620285c9c4062375088b85834112.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: TXL50-P1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 73GCCWYTqIt9f5Usq7ibQFEP133TOck87Tg0C9nX9ruOrjSVia6GmQ==

GET
H3 200 settings.js Show response
dev.visualwebsiteoptimizer.com/ 11 KB
3 KB 9ms
9ms Script
application/javascript 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://dev.visualwebsiteoptimizer.com/settings.js?a=97242&settings_type=1&vn=7.0&r=0.7679530615651988&exc=181
Requested by: Host: dev.visualwebsiteoptimizer.com
URL: https://dev.visualwebsiteoptimizer.com/7.0/va-9d6ac57dbcbba3321dd904e6ee78b647.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.96.102.137 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 137.102.96.34.bc.googleusercontent.com
Software: gfra1 /
Resource Hash: 3d69bbb69167db5aa7b1594f906c41845bc838980eb680ead871604bee2751f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:26 GMT
via: 1.1 google
server: gfra1
content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-type: application/javascript; charset=UTF-8

GET
H3 200 s.gif
dev.visualwebsiteoptimizer.com/ 35 B
52 B 94ms
94ms Image
image/gif 34.96.102.137
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dev.visualwebsiteoptimizer.com/s.gif?account_id=97242&u=D830D28CEF5B6A603B3C67FFDE6683324&s=1635282566&p=1&tags={%22si%22:{%22181%22:%222%22}}&update=1&cq=0&vn=7.0.170&vns=undefined&vno=undefined&_cu=https%3A%2F%2Fwww.fresh-tax-help.com%2Flf31%2Ffth.php%3Freqid%3D21142334%26affid%3D230%26a%3D230%26cpAFID%3D230%26cpSID%3D690317%26s&_ru=https%3A%2F%2Fforearmmurder.com%2F&eTime=1635282566473&random=0.5461892865882823

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

QUIC, , AES_128_GCM

Server

34.96.102.137 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

137.102.96.34.bc.googleusercontent.com

Software

gnv3c /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
via: 1.1 google
x-content-type-options: nosniff
server: gnv3c
content-type: image/gif
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 10 Jan 2005 00:00:01 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
350 B 106ms
7ms XHR
application/javascript 13.225.87.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?389697691674
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=1318140945&source=230&campaign=690317&callback=optionalCallbackFunction&290715462423
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.70 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-70.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 13:28:20 GMT
content-encoding: gzip
server: nginx
age: 27667
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: q2WmSaJqxwC4nMwYVCW4mpabWEe51pXdgDw-rDeHk3Vn3dsHJA5tWg==
via: 1.1 ccfe5851ecd4194e2d976fb32dec7539.cloudfront.net (CloudFront)

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=979638218&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fresh-tax-help.com%2Flf31%2Ffth.php%3Freqid%3D21142334%26affid%3D230%26a%3D230%26cpAFID%3D230%26cpSID%3D690317%26s1%3D690317%26cpSID2%3DAmoud_163avt0&dr=https%3A%2F%2Fforearmmurder.com%2F&ul=en-us&de=UTF-8&dt=Solve%20your%20IRS%20Tax%20Problems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQAAAAC~&jid=1356408257&gjid=1969558183&cid=1886935209.1635282567&tid=UA-59924857-3&_gid=790849011.1635282567&_r=1&_slc=1&z=260800353

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fresh-tax-help.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 142.250.186.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=979638218&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fresh-tax-help.com%2Flf31%2Ffth.php%3Freqid%3D21142334%26affid%3D230%26a%3D230%26cpAFID%3D230%26cpSID%3D690317%26s1%3D690317%26cpSID2%3DAmoud_163avt0&dr=https%3A%2F%2Fforearmmurder.com%2F&ul=en-us&de=UTF-8&dt=Solve%20your%20IRS%20Tax%20Problems&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=685676327&gjid=1467922519&cid=1886935209.1635282567&tid=UA-136583357-1&_gid=790849011.1635282567&_r=1&gtm=2wgak0N63X54R&z=497154024

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fresh-tax-help.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
416 B 43ms
14ms XHR
text/plain 74.125.133.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j94&tid=UA-59924857-3&cid=1886935209.1635282567&jid=1356408257&gjid=1969558183&_gid=790849011.1635282567&_u=KGBAAEACQAAAAC~&z=1869360277

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f155.1e100.net

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 26 Oct 2021 21:09:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.fresh-tax-help.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 GenerateToken Show response
create.leadid.com/2.11.7/ 36 B
335 B 362ms
148ms XHR
text/plain 34.205.104.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/GenerateToken?msn=1&pid=fb6ffbfa-3ecb-47f4-b90b-32d37701ec9b&_=568984899
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.104.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-104-175.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: 6dba2ecb38d664a5732678945b175677f99defb6f29f8989275b6eadafd4082c

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Oct 2021 21:09:27 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
472 B 54ms
30ms Image
image/gif 142.250.185.228
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j94&tid=UA-59924857-3&cid=1886935209.1635282567&jid=1356408257&_u=KGBAAEACQAAAAC~&z=1410769820

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.228 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f4.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ringpoolclick.aspx Show response
click.callerready.com/ 20 B
313 B 512ms
166ms XHR
text/plain 54.153.116.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://click.callerready.com/ringpoolclick.aspx?ClientGuid=8726B511-5E23-4DA7-9E46-13AB24116D1B&VendorGuid=8e8d1d8f-19e9-4dca-9ee9-77f3bf208861&LocationCode=CRSS2165-102&reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0&LPUrl=https%3A%2F%2Fwww.fresh-tax-help.com%2Flf31%2Ffth.php%3Freqid%3D21142334%26affid%3D230%26a%3D230%26cpAFID%3D230%26cpSID%3D690317%26s1%3D690317%26cpSID2%3DAmoud_163avt0&_=1635282567356
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.153.116.161 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-153-116-161.us-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 3ca754e76ab08aac86f5e4dbb22783bf0e3a4dfc94b16c14e7c153ddade0f670

Request headers

Accept: */*
Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: private
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization

GET
H2

204

0a88286ef7957d26
pixel.sitescout.com/iap/
Redirect Chain

https://pixel-a.basis.net/iap/0a88286ef7957d26
https://pixel.sitescout.com/iap/0a88286ef7957d26
https://pixel.sitescout.com/iap/0a88286ef7957d26?cookieQ=1

0
341 B

25ms
24ms

Image
text/plain

66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/0a88286ef7957d26?cookieQ=1
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Southampton, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:27 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

Redirect headers

location: https://pixel.sitescout.com/iap/0a88286ef7957d26?cookieQ=1
date: Tue, 26 Oct 2021 21:09:27 GMT
server: AC1.1
content-length: 0

GET
H/1.1 200
OK fid-17.9_click_icon.svg
rg-clients.s3.amazonaws.com/flm/ 307 B
667 B 719ms
188ms Image
image/svg+xml 52.92.160.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rg-clients.s3.amazonaws.com/flm/fid-17.9_click_icon.svg
Requested by: Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/lf31/fth.php?reqid=21142334&affid=230&a=230&cpAFID=230&cpSID=690317&s1=690317&cpSID2=Amoud_163avt0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.160.121 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 03d077a4c6a437aa70e9716b8caa7dced85675799e1cc950e4404ea8807c9e96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Tue, 26 Oct 2021 21:09:29 GMT
Last-Modified: Tue, 18 May 2021 05:23:03 GMT
Server: AmazonS3
x-amz-request-id: F0GQZN16WXJAPWNG
ETag: "022a93031904bfeaac634a01a6326b2d"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 307
x-amz-id-2: qdDPNaPpUDUs47GJgvPwIRiLDOypvM+Ih+09EIEJSmwML/16yXiJGRCwrwycP3kg0EUBvrAXXg4=

POST
H2 200 response.json Show response
script.anura.io/ 52 B
405 B 108ms
66ms XHR
application/json 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=1318140945&source=230&campaign=690317&callback=optionalCallbackFunction&290715462423

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

0fa89b7c9da2e6a3bc047c197d9fe437967fcb742a38f39f5914d2f52fe704ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 box-d09a446edefba0dcce5d5143e1840e9a.html Show response
vars.hotjar.com/ Frame 99B3 2 KB
1 KB 58ms
20ms Document
text/html 18.64.79.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-d09a446edefba0dcce5d5143e1840e9a.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-654147.js?sv=6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.64.79.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac

Request headers

:method: GET
:authority: vars.hotjar.com
:scheme: https
:path: /box-d09a446edefba0dcce5d5143e1840e9a.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.fresh-tax-help.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/

Response headers

content-type: text/html
content-length: 1044
date: Wed, 20 Oct 2021 07:15:05 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
etag: "63e08f928469ab67d9dac30c065ed182"
last-modified: Wed, 20 Oct 2021 07:15:01 GMT
x-amz-server-side-encryption: AES256
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 2a449514cebabcf6ab64b86d6a229cfe.cloudfront.net (CloudFront)
x-amz-cf-pop: TXL50-P2
x-amz-cf-id: kp1oe7wMa81gQHOKPaICPl3ZEMiqj3YLAAtQ5gJJX4uycg2q380VwQ==
age: 568462

GET
H/1.1 200
OK iframe.html Show response
d2m2wsoho8qq12.cloudfront.net/ Frame 578F 3 KB
2 KB 61ms
17ms Document
text/html 18.66.9.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5FF4FCDD-D7E5-071E-1618-F344F3659349&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.9.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.17.6 /
Resource Hash: 4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241

Request headers

Host: d2m2wsoho8qq12.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.fresh-tax-help.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.fresh-tax-help.com/

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Tue, 26 Oct 2021 14:11:10 GMT
Server: nginx/1.17.6
Last-Modified: Mon, 25 Oct 2021 14:18:55 GMT
ETag: W/"6176bccf-da5"
P3P: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
Content-Encoding: gzip
X-Cache: Hit from cloudfront
Via: 1.1 2f927b8fefe61ec7dd1d6dda3df37d18.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: TXL50-P1
X-Amz-Cf-Id: jIwtdhwXuR3FAYY0iRws4OeVbTSWjWhW0Z6X4wc9S4oP2Eu3-RZN2g==
Age: 25098

POST
H2 200 SaveDom Show response
create.leadid.com/2.11.7/ 0
298 B 106ms
106ms XHR
text/plain 34.205.104.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=fb6ffbfa-3ecb-47f4-b90b-32d37701ec9b&token=5FF4FCDD-D7E5-071E-1618-F344F3659349&_=568984900
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.104.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-104-175.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 189ms
189ms XHR
text/plain 34.205.104.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=fb6ffbfa-3ecb-47f4-b90b-32d37701ec9b&token=5FF4FCDD-D7E5-071E-1618-F344F3659349&_=568984901
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.104.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-104-175.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 result.json Show response
script.anura.io/ 41 B
396 B 39ms
39ms XHR
application/json 18.133.97.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Host: www.fresh-tax-help.com
URL: https://www.fresh-tax-help.com/assets/js/anura.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.133.97.68 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-133-97-68.eu-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 iframe.html Show response
deviceid.trueleadid.com/ Frame 0003 4 KB
2 KB 342ms
109ms Document
text/html 52.200.177.220
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://deviceid.trueleadid.com/iframe.html?token=5FF4FCDD-D7E5-071E-1618-F344F3659349&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Requested by: Host: d2m2wsoho8qq12.cloudfront.net
URL: https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=5FF4FCDD-D7E5-071E-1618-F344F3659349&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.200.177.220 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-200-177-220.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a

Request headers

:method: GET
:authority: deviceid.trueleadid.com
:scheme: https
:path: /iframe.html?token=5FF4FCDD-D7E5-071E-1618-F344F3659349&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d2m2wsoho8qq12.cloudfront.net/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d2m2wsoho8qq12.cloudfront.net/

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
content-type: text/html
server: nginx
last-modified: Thu, 16 Sep 2021 02:33:38 GMT
etag: W/"6142ad02-1049"
expires: Wed, 27 Oct 2021 21:09:28 GMT
cache-control: max-age=86400 public
p3p: CP="NOI DSP COR NID CUR ADM DEV OUR BUS"
content-encoding: gzip

GET
H2 200 SaveDeviceId.js Show response
create.leadid.com/2.11.7/ Frame 0003 0
302 B 296ms
101ms Script
text/javascript 34.205.104.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/SaveDeviceId.js?lac=581E5A37-7A2C-A742-C313-6F515B2D3222&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&methods=48&token=5FF4FCDD-D7E5-071E-1618-F344F3659349&uuid=fab6b30b555c4323a3fecde02cc9e7f7
Requested by: Host: deviceid.trueleadid.com
URL: https://deviceid.trueleadid.com/iframe.html?token=5FF4FCDD-D7E5-071E-1618-F344F3659349&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=583E8030-6CA1-2387-F3D7-11EEDB8C4896&lac=581E5A37-7A2C-A742-C313-6F515B2D3222
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.104.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-104-175.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://deviceid.trueleadid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 391ms
102ms XHR
text/plain 34.205.104.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=4&pid=fb6ffbfa-3ecb-47f4-b90b-32d37701ec9b&token=5FF4FCDD-D7E5-071E-1618-F344F3659349&_=568984902
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.104.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-104-175.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 InitFormData Show response
create.leadid.com/2.11.7/ 0
298 B 128ms
99ms XHR
text/plain 34.205.104.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/InitFormData?msn=5&pid=fb6ffbfa-3ecb-47f4-b90b-32d37701ec9b&token=5FF4FCDD-D7E5-071E-1618-F344F3659349&_=568984903
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.104.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-104-175.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 Snap Show response
create.leadid.com/2.11.7/ 0
298 B 102ms
101ms XHR
text/plain 34.205.104.175
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://create.leadid.com/2.11.7/Snap?msn=6&pid=fb6ffbfa-3ecb-47f4-b90b-32d37701ec9b&token=5FF4FCDD-D7E5-071E-1618-F344F3659349&_=568984904
Requested by: Host: d1tprjo2w7krrh.cloudfront.net
URL: https://d1tprjo2w7krrh.cloudfront.net/campaign/583e8030-6ca1-2387-f3d7-11eedb8c4896.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.205.104.175 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-205-104-175.compute-1.amazonaws.com
Software: nginx/1.17.6 / PHP/7.1.33
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fresh-tax-help.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 26 Oct 2021 21:09:28 GMT
content-encoding: gzip
server: nginx/1.17.6
x-powered-by: PHP/7.1.33
access-control-max-age: 1728000
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-headers: X-Requested-With, Content-Type
expires: Sat, 26 Jul 1997 05:00:00 GMT

Verdicts & Comments Add Verdict or Comment

132 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
forearmmurder.com/	1970-01-19 22:57:54	Name: uid9914 Value: 1200743601-20211026170925-d6a43fef8cbdfbc8a21c4de0e58d01e9-
.fthmlf-trk.com/	1969-12-31 23:59:59	Name: sfd Value: cF3MpXms/m9IE75zWBU5WWRR9bG2Jpp5l6fdRTB84xP2am0jDRerjw==
.fthmlf-trk.com/	1970-01-21 18:03:43	Name: tym Value: LYlSGpu+Vq1IE75zWBU5WWRR9bG2Jpp5l6fdRTB84xP2am0jDRerjw==
.fthmlf-trk.com/	1970-01-19 22:57:54	Name: c34 Value: cF3MpXms/m8BDAp7laj0pBCu1+CqXKR4tOFoGlzWDdM=
www.fresh-tax-help.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: efu82pbepsc44p8fujfi563lt4
.fresh-tax-help.com/	1970-01-20 07:01:44	Name: _vwo_uuid_v2 Value: D830D28CEF5B6A603B3C67FFDE6683324\|cd8c7025f25fcec58e53c9151a847df5
.fresh-tax-help.com/	1970-01-20 15:45:54	Name: _ga Value: GA1.2.1886935209.1635282567
.fresh-tax-help.com/	1970-01-19 22:16:08	Name: _gid Value: GA1.2.790849011.1635282567
.fresh-tax-help.com/	1970-01-20 00:38:42	Name: _vis_opt_s Value: 1%7C
.fresh-tax-help.com/	1969-12-31 23:59:59	Name: _vis_opt_test_cookie Value: 1
.fresh-tax-help.com/	1970-01-23 13:50:42	Name: _vwo_uuid Value: D830D28CEF5B6A603B3C67FFDE6683324
.fresh-tax-help.com/	1970-01-20 00:24:18	Name: _vwo_ds Value: 3%241635282566%3A27.99524066%3A%3A
.fresh-tax-help.com/	1970-01-19 22:14:44	Name: _vwo_sn Value: 0%3A1
.fresh-tax-help.com/	1970-01-19 22:14:42	Name: _gat Value: 1
.fresh-tax-help.com/	1970-01-19 22:14:42	Name: _gat_UA-136583357-1 Value: 1
.fresh-tax-help.com/	1970-01-20 07:00:18	Name: _hjid Value: 7ca87dce-5c50-4e47-b6ad-bd7e18bd9b11
.fresh-tax-help.com/	1970-01-19 22:14:44	Name: _hjFirstSeen Value: 1
widget.callerready.com/	1970-01-19 22:24:47	Name: AWSALBCORS Value: MVwd1CBjHNBB9f6FUatz1fLaabN2Jas2KT7NzYxV994qT880jUm5XSAnipvm2g3/oFMnfRwfGRpScxsXJInHPZdiB+E10ON6XxrUJY6ybqa8o0i66jDDN256f9+k
.fresh-tax-help.com/	1970-01-20 00:38:42	Name: _vis_opt_exp_181_combi Value: 2
www.fresh-tax-help.com/	1970-01-19 22:14:43	Name: leadid_token-581E5A37-7A2C-A742-C313-6F515B2D3222-583E8030-6CA1-2387-F3D7-11EEDB8C4896 Value: 5FF4FCDD-D7E5-071E-1618-F344F3659349
.fresh-tax-help.com/	1970-01-19 22:14:44	Name: _hjAbsoluteSessionInProgress Value: 0
.sitescout.com/	1970-01-20 07:00:18	Name: ssi Value: 52773436-8e59-40c8-9abc-a5f2b4f9ef9d#1635282568032
www.fresh-tax-help.com/	1970-01-19 22:14:43	Name: CRRingpoolNumber Value: 8335590495
.deviceid.trueleadid.com/	1970-01-25 20:28:19	Name: uuid Value: fab6b30b555c4323a3fecde02cc9e7f7

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://script.anura.io/request.js?instance=1318140945&source=230&campaign=690317&callback=optionalCallbackFunction&290715462423(Line 14) Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.anura.io
ajax.googleapis.com
cdnjs.cloudflare.com
click.callerready.com
create.leadid.com
d1tprjo2w7krrh.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
d3mo27ns5uxfyv.cloudfront.net
dev.visualwebsiteoptimizer.com
deviceid.trueleadid.com
fonts.googleapis.com
fonts.gstatic.com
forearmmurder.com
fthmlf-trk.com
i-oxldon.info
maxcdn.bootstrapcdn.com
pixel-a.basis.net
pixel.sitescout.com
rg-clients.s3.amazonaws.com
script.anura.io
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
storage.googleapis.com
vars.hotjar.com
widget.callerready.com
www.fresh-tax-help.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
103.1.212.226
104.16.18.94
104.18.11.207
13.225.87.70
142.250.185.170
142.250.185.202
142.250.185.228
142.250.185.67
142.250.186.78
142.250.186.80
172.217.23.104
18.133.97.68
18.64.79.50
18.64.84.227
18.66.2.17
18.66.2.48
18.66.9.137
18.66.9.224
195.154.39.75
205.186.142.74
34.205.104.175
34.96.102.137
44.224.10.104
52.200.177.220
52.92.160.121
54.153.116.161
54.177.62.4
66.155.71.150
74.125.133.155
01b339b678ceee0f09250d8bc5df75b58e3d5cb0cd897f88f154ba3cae6424ac
03d077a4c6a437aa70e9716b8caa7dced85675799e1cc950e4404ea8807c9e96
04b0cbdf6979f4df4fffd5f9f89ba200fb531000bb5280eaae526c42c435bec3
069aaa6bd5a2e9ecd055763c6dcbc7b07ce47499346d211a6828b0e580077ee4
0fa89b7c9da2e6a3bc047c197d9fe437967fcb742a38f39f5914d2f52fe704ac
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
35146b3977e9afd7995d9dfe75ec0fb558b2b91ff785aeb5e7bfaa03c3908fcf
3a41fc34b77adc60eb5e70ae86e0b48b7e19ec460b6fb1b04433b88bb402270b
3ca754e76ab08aac86f5e4dbb22783bf0e3a4dfc94b16c14e7c153ddade0f670
3d0c05d6e9f1a4db40ff449f8dfd19088d2f9639893f6895d45a523d7c725c71
3d69bbb69167db5aa7b1594f906c41845bc838980eb680ead871604bee2751f6
458859c09dede653365b7dd2b3cc8b52d6461e9364ead7ef7cd6374a7cb8a97a
4b5b3e42bbc834e0d006a1174c0807ce3788ef230827f78173aa0873b916c924
4e2d95df10e65f48daac2dcbad2cc0ef091610b5d5f77e4be8ad56a2e5aed241
5373e91d74457da7a37971413eba37e02861d5456ecd1e59b79867a87dc69470
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
699c9b043f0c1b8356c54a17ac69d2900f6277a0ca2a1813feac43fa264655dd
69ae95b7f73e2899d0c398ed4fb9faba242bbec4d0a58b182e4dd0e7808f01ac
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6dba2ecb38d664a5732678945b175677f99defb6f29f8989275b6eadafd4082c
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
7591bf37242303d9027dff75c30916647ff0cd27d227d49627ad43b3fedb203e
76713530c4e90ba3b4a9118a7b10808d9eb43685aee7e9c00cdadb9c4293222a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9090cdece60946d0d2a27020967d395d313fe21201060a1688903bc8c48ef511
9befd10497945a6b8ac86bc203ae124f70516ce206ce4efde14cf68d396ca634
a4643549cb365288c5e9c72eeae214c91eeeb86e913149b310826850015994a0
a54989bb70916d7410386826b353b04c0dea9986eed4587d262a3e9cf355309d
a98ebbb3ce6ec73bda1a44f458d5f51097884abc6b9e862b40b1d92df7cf80c4
aa1d80cdf0990e97a21069ab16c048ef90a35df1165b87d19accabd7c4edc860
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afd29ee98411837f24cf162dbc4eb26f6c1ccea5e812572655609da2ed1e0469
b6f1b4ee4ab7166896918e1fbf1c69d351a5d374505dc7dfb9ffcc8610a236cc
bb19d37f992f5dcddc13d3692d41399cf86ab9d575b324b8aa6d667acabb1526
c3d3c6235530256fd91aa2f86a8589d3e9ca78805d87ee90248a06644bcd4243
d48627280342865619f609659c4a2cd8486b4105d4150cafa491da1eb3ae971f
d8a954a61020a5f26298a414f4ba3e0ef0d25cd98de2012014d5b01776fc5ceb
d8dee5bb67e8a759f73dfbaeadba9220ad478a8187f58a59a50f906b0e51f65b
da117ccecdb0108176c78aa06522f98ffd350a65b039b436a2d81e354eb16d60
da4c70755f82ff615c0fd3cad94bf62b19a9d5c25ab87268097eaa9609098bec
dd4dc0d0d19c59a7ef68a83124d01df543c44d270327ba5b5ed3caed87d10681
de95e51deb4921104e1d5c351e74408b9f0085ff37576c0edfd77e5851db0c15
e136ce0e6fc37cc74ff641ab771c5a6d123b223c78189661fc7948ffe323a75e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2cb18685d3a04ad83120d55795bfafa01fa6063b73d6af0b05eaecd292792d
eece6e0c65b7007ab0eb1b4998d36dafe381449525824349128efc3f86f4c91c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f480e008e61f1d28d9c096d9cf3095d11b1fd5a5603db6e6c5a21898c07d4a
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

www.fresh-tax-help.com Open in urlscan Pro 205.186.142.74 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

0 %IPv6

22 Domains

30 Subdomains

27 IPs

4 Countries

958 kBTransfer

1976 kBSize

24 Cookies

1 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.fresh-tax-help.com Open in urlscan Pro
205.186.142.74 Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

0 %
IPv6

22
Domains

30
Subdomains

27
IPs

4
Countries

958 kB
Transfer

1976 kB
Size

24
Cookies

63 HTTP transactions
0 data transactions