urlscan.io logo urlscan.io
SecurityTrails logo

freedomtaxrefund.com Open in urlscan Pro
34.83.38.241  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.freedomtaxrefund.com/
Effective URL: https://freedomtaxrefund.com/
Submission: On February 16 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 69 HTTP transactions. The main IP is 34.83.38.241, located in The Dalles, United States and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is freedomtaxrefund.com.
TLS certificate: Issued by R3 on February 16th 2022. Valid for: 3 months.
This is the only time freedomtaxrefund.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 34.83.38.241 396982 (GOOGLE-PR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
7 23.96.4.241 8075 (MICROSOFT...)
3 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
20 2620:1ec:bdf::44 8068 (MICROSOFT...)
11 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
69 13
16    34.83.38.241 (The Dalles, United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 241.38.83.34.bc.googleusercontent.com
www.freedomtaxrefund.com
freedomtaxrefund.com
cardsetter.com
1    2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
3    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
7    23.96.4.241 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.cognitoforms.com
3    2a06:98c1:3120::f (United States)

ASN13335 (CLOUDFLARENET, US)
ka-f.fontawesome.com
1    2a00:1450:400e:801::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
20    2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
static.cognitoforms.com
11    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
3    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.gstatic.com
2    2a00:1450:400e:801::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:400e:810::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
27 cognitoforms.com
www.cognitoforms.com — Cisco Umbrella Rank: 46943
static.cognitoforms.com — Cisco Umbrella Rank: 104575
272 KB
15 freedomtaxrefund.com
www.freedomtaxrefund.com
freedomtaxrefund.com
614 KB
14 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 250
maps.googleapis.com — Cisco Umbrella Rank: 349
fonts.googleapis.com — Cisco Umbrella Rank: 35
467 KB
5 gstatic.com
maps.gstatic.com
fonts.gstatic.com
98 KB
4 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1582
ka-f.fontawesome.com — Cisco Umbrella Rank: 2933
23 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 197
11 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 cardsetter.com
cardsetter.com
4 KB
69 8
Domain Requested by
20 static.cognitoforms.com www.cognitoforms.com
14 freedomtaxrefund.com freedomtaxrefund.com
11 maps.googleapis.com www.google.com
maps.googleapis.com
7 www.cognitoforms.com freedomtaxrefund.com
www.cognitoforms.com
static.cognitoforms.com
3 maps.gstatic.com www.google.com
freedomtaxrefund.com
3 ka-f.fontawesome.com kit.fontawesome.com
3 cdnjs.cloudflare.com freedomtaxrefund.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com www.cognitoforms.com
static.cognitoforms.com
1 www.google.com freedomtaxrefund.com
1 cardsetter.com freedomtaxrefund.com
1 kit.fontawesome.com freedomtaxrefund.com
1 ajax.googleapis.com freedomtaxrefund.com
1 www.freedomtaxrefund.com 1 redirects
69 14

This site contains links to these domains. Also see Links.

Domain
goo.gl
cardsetter.com
Subject Issuer Validity Valid
freedomtaxrefund.com
R3		 2022-02-16 -
2022-05-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-02-07 -
2022-05-02		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.cognitoforms.com
Go Daddy Secure Certificate Authority - G2		 2020-06-13 -
2022-08-29		 2 years crt.sh
cardsetter.com
R3		 2022-02-09 -
2022-05-10		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://freedomtaxrefund.com/
Frame ID: 82CCA4DFE29AF18BC6149A6CC84EC0BF
Requests: 24 HTTP requests in this frame

Frame: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
Frame ID: 8BB3E76982484A3291AD19C05990EE06
Requests: 31 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3580.5220617313985!2d-80.20610998497041!3d26.179690483448848!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88d9041dfa7ac065%3A0x244727f348d4b6eb!2s4397%20N%20State%20Rd%207%2C%20Lauderdale%20Lakes%2C%20FL%2033319%2C%20USA!5e0!3m2!1sen!2srs!4v1644685958635!5m2!1sen!2srs
Frame ID: 20B7B0E2D9206DAE85CD101CC4F20C0D
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Freedom Tax Services

Page URL History Show full URLs

  1. https://www.freedomtaxrefund.com/ HTTP 301
    https://freedomtaxrefund.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

69
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

14
Subdomains

13
IPs

3
Countries

1491 kB
Transfer

3900 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.freedomtaxrefund.com/ HTTP 301
    https://freedomtaxrefund.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

69 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
freedomtaxrefund.com/
Redirect Chain
  • https://www.freedomtaxrefund.com/
  • https://freedomtaxrefund.com/
128 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
59283f95a847220905eb3934b86da7c752a4b1f7581852876189cd9cedf5174a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx/1.15.10
date
Wed, 16 Feb 2022 01:46:20 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
public, s-maxage=3600
etag
W/"20180-kdAxqDN4Iqgz06VA2viH7E7pxVk"
age
41
strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip

Redirect headers

server
nginx/1.15.10
date
Wed, 16 Feb 2022 01:46:19 GMT
content-type
text/html
content-length
170
location
https://freedomtaxrefund.com
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 13:25:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
130863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 14 Feb 2023 13:25:17 GMT
4678887713.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/4678887713.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36cee952a1cc4af1b3784e5f52731e544f323e198f32248ce18947ac80d27920
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://freedomtaxrefund.com/
Origin
https://freedomtaxrefund.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
6de31a0698273748-MXP
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FtQg8Fy6M2cIE8mLXvBB
drawer.min.css
cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/css/drawer.min.css
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0828d30d904cdb14a90cff420541165a1eb0567dee4300186565f367018fd06
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
84669
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1246
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e3e-1ac9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MBKreA1GkguC5ZYgAML6bEsyP4fOQ3VtHNl%2Fj0fk06JQQtdiCjFwmVrEKeMlKlSJ2R338nNbZliaSObTUwHkOJLwoLWRIs3ZY%2F7wKCBIREu2LKuSRv%2BPCoZWogfK2NCafYop3lngeFpc7GRoqRP29yv0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6de31a072af583ac-MXP
expires
Mon, 06 Feb 2023 01:46:20 GMT
iscroll.min.js
cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iScroll/5.2.0/iscroll.min.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8845470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7559
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:10 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9e-80dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MZnwOMbdKARv8EK9fPJgpObrvwOS1HV4UFkTvrSM%2B558LY81buhzafHve7O0H3AecB8RVx5uzZUzfELEgn4BDkfEqhZNAHuD6LMN4ihqS2OeJ3ARLidKxIta4OpfRCr7Np42akRdDbtFal3gg0W0ypDW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6de31a072af683ac-MXP
expires
Mon, 06 Feb 2023 01:46:20 GMT
drawer.min.js
cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/drawer/3.2.2/js/drawer.min.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a96b79230a7166f85e822caf6ebc7f0481a83c98099e1004c5b9b9aba3c4743c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
542141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
883
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:34 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e3e-b36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xq2V2oWwxU0WPnGQkG%2BE7XcnYOTFN0auy7hCvd6zh3YLCL49U%2B4MLbJAS6pIamoRRS9xUEQg%2BgKzrPheHJ6qlU0yMny1V%2BvnFwuBOp2NhrE%2Bqi4JzoQICK6DgqWRwj070N%2FEv2yR%2F5jTZvoGBQ8GfYiu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6de31a072af783ac-MXP
expires
Mon, 06 Feb 2023 01:46:20 GMT
logo.jpg
freedomtaxrefund.com/images/img_W4CD55GVrCoL1X2jSqjMLr/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomtaxrefund.com/images/img_W4CD55GVrCoL1X2jSqjMLr/logo.jpg
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
bf85f082ac0307f67e36e703a07cd187c3081bbb396f42c4c6a3470cdc9fae80
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
server
nginx/1.15.10
age
41
etag
"1a755ab78ccfac466bd6f5bacdae1d3916984e90"
vary
x-accept-webp
content-type
image/webp
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
10612
iframe.js
www.cognitoforms.com/f/ 		63 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cognitoforms.com/f/iframe.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
529c90edaa72f59d520b28990d2c221b4b75d2c27560213a8518d7669ae32a6c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security max-age=35136000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=35136000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
vary
Accept-Encoding
content-length
26101
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time
2022-02-16T01:46:20.903Z
referrer-policy
origin-when-cross-origin
server
Microsoft-IIS/10.0
date
Wed, 16 Feb 2022 01:46:20 GMT
x-role-instance
Cognito.Services_IN_7
content-type
application/javascript
pragma
no-cache
access-control-expose-headers
X-SessionToken,X-Server-Time
cache-control
no-cache, no-store, must-revalidate
x-request-time
4ms
content-security-policy
default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
expires
-1
logo
cardsetter.com/images/img_ER9LaDJ3Gv9pq8yW5AvhKT/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cardsetter.com/images/img_ER9LaDJ3Gv9pq8yW5AvhKT/logo?fit=inside&h=60&w=300
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
23173c3ea07b31e220006cf4684515fe0d7b5e5b8dc23a10b388567eb9eafdc7
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:21 GMT
server
nginx/1.15.10
age
1480
etag
"8ba0f4b3b844e288752ec56e37b428623b5d2710"
vary
x-accept-webp
content-type
image/webp
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
3576
9f3cdc24fe876b354539.js
freedomtaxrefund.com/assets/ 		223 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/9f3cdc24fe876b354539.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
9473375ad87ce6b6a0ffcf10091df24b56b0492ac233b5d106716f4a728ec71c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"37a89-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
62cc9d22535e90beca84.js
freedomtaxrefund.com/assets/ 		235 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/62cc9d22535e90beca84.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
8d83b16e8e509c614fedea4b882cf8d045e4f195506a5184258b68bae8693069
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"3ad98-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
339caa491dc90a74b2b0.js
freedomtaxrefund.com/assets/ 		197 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/339caa491dc90a74b2b0.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
1a0ba9ad4fee38586304bea3273545f7692a214ff2a3742f515b0c17de7c12b3
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"315d7-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
180cec1772a8dd8a8c92.js
freedomtaxrefund.com/assets/ 		200 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/180cec1772a8dd8a8c92.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
52d5d24d30ef6cd9ffe67b7830bc6a58028142044a7e9e584e4bd685b908e0d6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"32063-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
94ce9e96e75cba26f0f5.js
freedomtaxrefund.com/assets/ 		80 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/94ce9e96e75cba26f0f5.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
32c1cf52bfba378e0488557e63a71e251bd2ca5519fe73665d483d6f0f19584a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"141eb-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
2234b1c205e1caa542d0.js
freedomtaxrefund.com/assets/ 		226 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/2234b1c205e1caa542d0.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
69a2532196c3fa6b003bab159a9af83a56fec3e189a450c3eb9c4b1122a3bd17
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"387a7-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
46f110be6a2ad0085cbb.js
freedomtaxrefund.com/assets/ 		105 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/46f110be6a2ad0085cbb.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
a5490df5af20a737d00e6020ad9801673b3b43a9da5905ca0f84ad71ec0b1173
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"1a3a2-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
88e54110b2faeb16b49f.js
freedomtaxrefund.com/assets/ 		209 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/88e54110b2faeb16b49f.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
58d1bb2f4f1e5a6ed723c936429b37a10c1ab9faa7bdfc8795caa09e61ae730f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"3459f-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
6226c1d6ccf5967e03a4.js
freedomtaxrefund.com/assets/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://freedomtaxrefund.com/assets/6226c1d6ccf5967e03a4.js
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
2107a3465e87623f98f69f02f7e5bd66b67268784ee211090f7502774ad0085d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
content-encoding
gzip
last-modified
Thu, 21 Oct 2021 00:19:41 GMT
server
nginx/1.15.10
age
41
etag
W/"ae00-17ca037c148"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
free.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		59 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=4678887713
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4678887713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
via
1.1 82a476a12dec0fbc7a41b159bd76cf6a.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP63-P1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awqaTU7Lu8kA5KveAjbAQMMF9aAErVCv26UoifgB%2FATmQ4EwU11EMT4Cmtfetn7SmkZsq7LPkoKg37%2FdaNBk0rcDj13tPBBANZlE31MdN3SrtDf1W6SvfCv3SkXN8UIAoQPaZrRGuvio0VMaxRQR36vvqw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6de31a079db90e16-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
Q-VQ2LEwLvEX19nwlN4UxkLgovWRouAlprwrTKrrb7p46T0Z6krbiw==
free-v4-shims.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		26 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=4678887713
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4678887713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
via
1.1 d2efc2528c9d37ec19b94a3d8dc21422.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP63-P1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"76f34b71fc9fb641507ff6a822cc07f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JGleq1ibeJja4Ga3wwxa0Vaxxck2v4jE1HzwTxGm03NdNhPidNJLy9B%2FPVxXpBb8vkCk3IOOuElrNaNgX295LgRkFGiEHjHMKBckqaL61N6GUJCwx%2Bc3jm8kMRKQPWCnORYuHcvitVxqrL8M4jCvKryCFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6de31a079dbb0e16-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
PaGbH_81ELs_NbYyRlx6XTLR7QX-BIvKaM7H73BMpcLNJsnQx6U-zA==
free-v4-font-face.min.css
ka-f.fontawesome.com/releases/v5.15.4/css/ 		3 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=4678887713
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/4678887713.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
via
1.1 018d49139552bac4221d8e525a1600be.cloudfront.net (CloudFront)
vary
Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
MXP63-P1
x-cache
Hit from cloudfront
access-control-allow-methods
GET
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
etag
W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pf4tbgP5%2FqLPzfQjw4RWDZLUDX%2FCIpIv82q7EzsOf6svA1%2FhZy7N%2FfWHn6dwNc8SqGkl8xJAuFqRP4eHXrOnfnZXAUXtmPkZWuwpaGnr6gjp6aBDX3ZvnW1GIsLDJiKhDFacZoSKRRSUIWACVSIC47zNaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
6de31a079dbc0e16-MXP
access-control-allow-headers
fa-kit-token
x-amz-cf-id
nLqRt4ZV2j-qebd9woJEnCNzLSjm0omYx2n5NPMt7VGPavthe28jAQ==
1
www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/ Frame 8BB3 		597 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
38cd770dbbb79722083eac0846f9d4776b7f2ac51c0fb498137aead03050b196
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security max-age=35136000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
content-type
text/html; charset=utf-8
content-encoding
gzip
expires
-1
vary
Accept-Encoding
server
Microsoft-IIS/10.0
strict-transport-security
max-age=35136000; includeSubDomains
access-control-allow-origin
*
x-server-time
2022-02-16T01:46:20.903Z
access-control-expose-headers
X-SessionToken,X-Server-Time
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
x-role-instance
Cognito.Services_IN_7
x-request-time
70ms
content-security-policy
default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
date
Wed, 16 Feb 2022 01:46:20 GMT
content-length
503
istockphoto-1173998443-2048x2048-cropped.jpg
freedomtaxrefund.com/images/img_Bxq92E7EhpGZts4An4Dq9F/ 		130 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomtaxrefund.com/images/img_Bxq92E7EhpGZts4An4Dq9F/istockphoto-1173998443-2048x2048-cropped.jpg?fit=outside&w=1600
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
b810cb33011deed26409b4712ba37631f155248959015d6e41f40e7c7d2f3c2d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
server
nginx/1.15.10
age
41
etag
"8848f882f8fa82d7683786b2f600acee514d7bfe"
vary
x-accept-webp
content-type
image/webp
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
132800
omar-lopez-gx5-zf_he9w-unsplash.jpg
freedomtaxrefund.com/images/img_PQhGQfyMHx7difxBzJ1MLE/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomtaxrefund.com/images/img_PQhGQfyMHx7difxBzJ1MLE/omar-lopez-gx5-zf_he9w-unsplash.jpg?h=200&w=300&fit=cover&dpr=1
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
eee5ebb47afff7b721c9a558a3521342370e4466ba4bd01357364672ae384681
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
server
nginx/1.15.10
age
41
etag
"cb9838938d4e1b1e8dddcd4acabbde987c6e7b83"
vary
x-accept-webp
content-type
image/webp
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
10694
jimmy-dean-nd1ahlohbi0-unsplash.jpg
freedomtaxrefund.com/images/img_LxFRasn941YoXFD8nmAFEP/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://freedomtaxrefund.com/images/img_LxFRasn941YoXFD8nmAFEP/jimmy-dean-nd1ahlohbi0-unsplash.jpg?h=200&w=300&fit=cover&dpr=1
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.83.38.241 The Dalles, United States, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS
241.38.83.34.bc.googleusercontent.com
Software
nginx/1.15.10 /
Resource Hash
f8d6c91271d85f726d1ebd434e4fa3af40d9db3ef79ff334ad5cb1e291231b16
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:20 GMT
server
nginx/1.15.10
age
41
etag
"c81cacb9f61e5f1de7f6c0f4c71bff5cc7f25d23"
vary
x-accept-webp
content-type
image/webp
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
strict-transport-security
max-age=15724800; includeSubDomains
accept-ranges
bytes
content-length
11524
embed
www.google.com/maps/ Frame 20B7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3580.5220617313985!2d-80.20610998497041!3d26.179690483448848!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88d9041dfa7ac065%3A0x244727f348d4b6eb!2s4397%20N%20State%20Rd%207%2C%20Lauderdale%20Lakes%2C%20FL%2033319%2C%20USA!5e0!3m2!1sen!2srs!4v1644685958635!5m2!1sen!2srs
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
e7ac21195cd239608cdf470b20c81a1d8de25078509d8bee2eb740ed86ca367c
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-bUcdKIgQ/zrFsCWQd83XZw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://freedomtaxrefund.com/

Response headers

content-type
text/html; charset=UTF-8
date
Wed, 16 Feb 2022 01:46:21 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
vary
Accept-Language
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-bUcdKIgQ/zrFsCWQd83XZw==' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-encoding
gzip
server
mafe
content-length
978
x-xss-protection
0
server-timing
gfet4t7; dur=158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
AutotestDetect.js
www.cognitoforms.com/Scripts/testing/ Frame 8BB3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cognitoforms.com/Scripts/testing/AutotestDetect.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
1ca4c29158f1f930b2cf696a87f1a5c6e242efb401e6cec78e0986a7f732c55c
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security max-age=35136000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=35136000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
vary
Accept-Encoding
content-length
1528
etag
"070b3ea1719d81:0"
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time
2022-02-16T01:36:40.727Z
referrer-policy
origin-when-cross-origin
last-modified
Thu, 03 Feb 2022 16:05:52 GMT
server
Microsoft-IIS/10.0
date
Wed, 16 Feb 2022 01:46:20 GMT
x-role-instance
Cognito.Services_IN_7
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-SessionToken,X-Server-Time
x-request-time
10ms
content-security-policy
default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
accept-ranges
bytes
seamless.js
www.cognitoforms.com/f/ Frame 8BB3 		105 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cognitoforms.com/f/seamless.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2f92407137772390642807181f66682460324b65bc718eff81238dbef9eda495
Security Headers
Name Value
Content-Security-Policy default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
Strict-Transport-Security max-age=35136000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=35136000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
vary
Accept-Encoding
content-length
36957
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time
2022-02-16T01:46:21.169Z
referrer-policy
origin-when-cross-origin
server
Microsoft-IIS/10.0
date
Wed, 16 Feb 2022 01:46:20 GMT
x-role-instance
Cognito.Services_IN_7
content-type
application/javascript
pragma
no-cache
access-control-expose-headers
X-SessionToken,X-Server-Time
cache-control
no-cache, no-store, must-revalidate
x-request-time
1ms
content-security-policy
default-src 'self' https://*; img-src * data:; script-src https://* 'unsafe-inline' 'unsafe-eval'; style-src https://* 'unsafe-inline'; frame-src 'self' https://* mailto:
expires
-1
140.3c681a345e85b5f63175.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		121 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/140.3c681a345e85b5f63175.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
987296189f8b1a81e92753d3b1e6ead067e68b362ce5315ac6af4ecc18ca9272

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0w44FYgAAAABBX4D+IA+iRYYM0T0f/5ISQU1TMDRFREdFMTkxMAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
08JMENynP9Qh3WUTvLGkXQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA175FF2
x-azure-ref
0bVcMYgAAAACgDgHzEm5KRabMx0Vot0i9RlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
d9d25e03-201e-0034-13a7-1e9ff5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
155.3580cde700686dd9f081.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		38 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/155.3580cde700686dd9f081.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b245b27f8ac2e960c979c5d82925c30e217524874881eac4675452849e5a435b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0mh8GYgAAAABzeFmBlNLzTrFBwWUHe2STQU1TMDRFREdFMTgxNQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
9AtW8JTUttfTtkbAdxc/eQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA251FA6
x-azure-ref
0bVcMYgAAAAARL6bNFwScQIYs4mNlC+b5RlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
760cee43-e01e-003b-0a97-1ee999000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
154.8ce2b59188d13b55a652.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		92 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/154.8ce2b59188d13b55a652.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
83c0510a92f130a0d189183d4e148c2ba37b08265f75fff578300b12fca7a5a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0RPAFYgAAAADre7Yw6+u8RJsxO2+qW/+4QU1TMDRFREdFMTkxMgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
TagjAQ02vT2/u78Q9+0cOA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA248417
x-azure-ref
0bVcMYgAAAACn9Rid8fsISKtBzDm6dyn2RlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
f7306364-101e-003f-7f82-1d649e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
153.9ca58454003a22b55cfe.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		207 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/153.9ca58454003a22b55cfe.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
e03cdc1caac9c533c272d90d66283fc3a9302e0a44df542188821f3cdcab326f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0ax8GYgAAAADUcB8/nbAjTbRBVTMkHhusQU1TMDRFREdFMTkxMgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
kefB1eWmInrxNshNnhfoJQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA243652
x-azure-ref
0bVcMYgAAAABLMif3kdy3RqscHaKchULWRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1c8ad5df-601e-0047-2f42-1dc766000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
139.04a149bf95a7b3a136e8.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		188 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/139.04a149bf95a7b3a136e8.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
48e413a76487cba709bc886dc65101fa4540e9fd7706d2df3aee616ce44b7dce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0IhEGYgAAAABGu8R+B5liQLisBJg9CqO0QU1TMDRFREdFMTgxNQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
uV2Ssz/9JhRJSxNAFfD99w==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA169D7C
x-azure-ref
0bVcMYgAAAABJxRZiJRzTRL3ifVZp5JFARlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
bec81475-f01e-0008-6a5d-1db632000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
truncated
/ Frame 8BB3 		497 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf8
js
maps.googleapis.com/maps/api/ Frame 20B7 		164 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3580.5220617313985!2d-80.20610998497041!3d26.179690483448848!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88d9041dfa7ac065%3A0x244727f348d4b6eb!2s4397%20N%20State%20Rd%207%2C%20Lauderdale%20Lakes%2C%20FL%2033319%2C%20USA!5e0!3m2!1sen!2srs!4v1644685958635!5m2!1sen!2srs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
c647453a432159332ad3cb5df3c7e122b0e1c03ddcc420a0e2aca1d5d53d0fde
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:31:42 GMT
content-encoding
gzip
server
mafe
age
879
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
server-timing
gfet4t7; dur=15
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54586
x-xss-protection
0
expires
Wed, 16 Feb 2022 02:01:42 GMT
1
www.cognitoforms.com/svc/load-form/form-def/Tvg7jDdv30WqXFGuvk-qBQ/ Frame 8BB3 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cognitoforms.com/svc/load-form/form-def/Tvg7jDdv30WqXFGuvk-qBQ/1
Requested by
Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/139.04a149bf95a7b3a136e8.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
50e19d50d6bbabc48ee863b9904a7d61ed31813259e4f60d2a5d449235c77f1c
Security Headers
Name Value
Strict-Transport-Security max-age=35136000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=35136000; includeSubDomains
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-origin
*
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length
6419
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time
2022-02-16T01:46:21.653Z
server
Microsoft-IIS/10.0
date
Wed, 16 Feb 2022 01:46:21 GMT
x-role-instance
Cognito.Services_IN_7
content-type
application/javascript; charset=utf-8
pragma
no-cache
access-control-expose-headers
X-SessionToken,X-Server-Time
cache-control
no-cache, no-store, must-revalidate
x-request-time
54ms
expires
-1
gen_204
maps.googleapis.com/maps/api/mapsjs/ Frame 20B7 		3 B
46 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.google.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
init_embed.js
maps.gstatic.com/maps-api-v3/embed/js/47/7a/ Frame 20B7 		220 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.gstatic.com/maps-api-v3/embed/js/47/7a/init_embed.js
Requested by
Host: www.google.com
URL: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3580.5220617313985!2d-80.20610998497041!3d26.179690483448848!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x88d9041dfa7ac065%3A0x244727f348d4b6eb!2s4397%20N%20State%20Rd%207%2C%20Lauderdale%20Lakes%2C%20FL%2033319%2C%20USA!5e0!3m2!1sen!2srs!4v1644685958635!5m2!1sen!2srs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
347ba305e0271a63c6194c4491c697c062b49313aaa5e1ee6119fcbaad653e70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 20:34:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
537124
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
65681
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 20:22:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 20:34:17 GMT
common.js
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 20B7 		77 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
098695ed055199f9a99f3f7689cc444871533b9227764b0193025fdc6e78ab17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 00:35:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4253
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28806
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 20:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 16 Feb 2023 00:35:28 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 20B7 		297 KB
297 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/7a/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da4ce6a7f2dd3eee8d5424c9b9c1ea0e5ccacd5797dbb10375a8a489b9f3c993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 23:34:11 GMT
x-content-type-options
nosniff
age
7930
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
303799
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 20:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 23:34:11 GMT
map.js
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 20B7 		60 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/7a/map.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c94927a230b441711db5512dccb43c84fcecce42c1961e9eb91f9fc4dcf99b0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 19:23:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22994
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22781
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 20:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 19:23:07 GMT
overlay.js
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 20B7 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/7a/overlay.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c47f95e9a29b4fcad6992ec3cfa56b9d07e52d1e66673b4b97d52a8895d96676
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 18:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26396
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1368
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 20:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 18:26:25 GMT
google4.png
maps.gstatic.com/mapfiles/embed/images/ Frame 20B7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/embed/images/google4.png
Requested by
Host: freedomtaxrefund.com
URL: https://freedomtaxrefund.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:21 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2073
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 16 Feb 2022 01:46:21 GMT
onion.js
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 20B7 		25 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/7a/onion.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c6f9736cf91966550d126318c461a04f4f0d179161529ebe884e7e234af1c6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 15 Feb 2022 01:32:27 GMT
x-content-type-options
nosniff
age
87234
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25693
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 20:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 01:32:27 GMT
search_impl.js
maps.googleapis.com/maps-api-v3/api/js/47/7a/ Frame 20B7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/47/7a/search_impl.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?client=google-maps-embed&paint_origin=&libraries=geometry,search&v=3.exp&language=en&region=rs&callback=onApiLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d514a054f21f921ef508361726cd32a940e9e2e1ac414edd4391631af58591d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 17:37:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
547755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1260
x-xss-protection
0
last-modified
Tue, 25 Jan 2022 20:23:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 Feb 2023 17:37:06 GMT
css
fonts.googleapis.com/ Frame 8BB3 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/svc/load-form/form-def/Tvg7jDdv30WqXFGuvk-qBQ/1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
793817390b35bd74ec65da7f2a25f446089ffb34d71576fdb104838a841cfd9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 00:45:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 01:46:21 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 01:46:21 GMT
58.846d31c9f1d1778b7321.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/58.846d31c9f1d1778b7321.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
b7fcf1c20c5f23a23d5487b6b6ec1122d00eb5ca22f694af86ccc6aa2b0b3c5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0Mi4GYgAAAAAnsiZERnzRSKfaFWsp4MuaQU1TMDRFREdFMTgyMgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
YL6i5uucYHFsNBoc691SqQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA463E0C
x-azure-ref
0bVcMYgAAAADETWgN07CoT68er+rNMzQZRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
171ba8e7-001e-006e-1c62-1df912000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
29.54cc00bea07c4649ecb2.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/29.54cc00bea07c4649ecb2.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
35d4c53d144317aa45cb2ba8b17adeb73cdbb1a2ddbb8cfd9020b80a88d30197

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0yI4FYgAAAABsp/cy/fjwQbCWgdXS+l8+QU1TMDRFREdFMTkxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
LSkNmbJAG1NZ7EU+TM2BCA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA30AB6D
x-azure-ref
0bVcMYgAAAAAkbEZDJJ3LQ4lrGqsAbA5WRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
026cf298-901e-0031-2335-1d4d2e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
1
www.cognitoforms.com/svc/load-form/new-session/Tvg7jDdv30WqXFGuvk-qBQ/ Frame 8BB3 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cognitoforms.com/svc/load-form/new-session/Tvg7jDdv30WqXFGuvk-qBQ/1?embedContext=iframe
Requested by
Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/153.9ca58454003a22b55cfe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6a6c4976cad4b4d235badc49a2906c1877af0039eb8b7e868ad3d242a0b97969
Security Headers
Name Value
Strict-Transport-Security max-age=35136000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=35136000; includeSubDomains
vary
Origin
access-control-allow-origin
https://www.cognitoforms.com
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length
1767
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time
2022-02-16T01:46:21.888Z
server
Microsoft-IIS/10.0
date
Wed, 16 Feb 2022 01:46:21 GMT
x-role-instance
Cognito.Services_IN_7
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
X-SessionToken,X-Server-Time
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-request-time
44ms
expires
-1
openhand_8_8.cur
maps.gstatic.com/mapfiles/ Frame 20B7 		326 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://maps.gstatic.com/mapfiles/openhand_8_8.cur
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 16 Feb 2022 01:46:21 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-tactile
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
last-modified
Tue, 18 May 2021 19:15:00 GMT
server
sffe
report-to
{"group":"geo-tactile","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-tactile"}]}
content-type
image/bmp
access-control-allow-origin
*
cache-control
private, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="geo-tactile"
expires
Wed, 16 Feb 2022 01:46:21 GMT
ViewportInfoService.GetViewportInfo
maps.googleapis.com/maps/api/js/ Frame 20B7 		35 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/ViewportInfoService.GetViewportInfo?1m6&1m2&1d26.166026010380442&2d-80.25542008800487&2m2&1d26.19288873412934&2d-80.15230189038812&2u16&4sen&5e0&6sm%40590000000&7b0&8e0&11e289&12e1&13shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&14b1&callback=_xdc_._9ajwf5&client=google-maps-embed&token=121863
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
6d76ea937dcf5533f1fa4a1d930ee8208cb538cc4ff0b1728f657f4c606731b5
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 01:46:22 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=19
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3610
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
20.6808ca0f361408e3ac61.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/20.6808ca0f361408e3ac61.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
8a675aa92f8534908d01185a7ca590565615ee4385a88a5b5a789395ee359694

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0UzEGYgAAAADvsOaKWEdlQp86Ap26tIY+QU1TMDRFREdFMTgxOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
XR1ARJW8X22yhv4EE7YpBw==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA28C50E
x-azure-ref
0blcMYgAAAABsDicBMCerQL9i/9baU/GmRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
13593011-701e-0016-1a05-1f5aea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
21.501f04575d8ea63a6ad8.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		1 KB
968 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/21.501f04575d8ea63a6ad8.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
3ae19d5d5f2ed1ba5aa1330f7c8a6ba2d7245f8b75345e9125967a38244c8bd2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
01u8FYgAAAABGl1krW+dWS4IbWP61aiR7QU1TMDRFREdFMTkxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
/K/ybKXYhQRJRin4dTG9tA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA31E295
x-azure-ref
0blcMYgAAAAChxEKTEcsYSKK8qKlfMRWeRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
97b3bc08-f01e-0008-03a9-1eb632000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
108.24eb78766e6df1ed10a5.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/108.24eb78766e6df1ed10a5.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
621a5a19aa5f2305d640063ce171a1dbf194d96997c307cd1e93e37064af1db7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0teAGYgAAAAD5aWN5EhzKSI7YLUx7Rks6QU1TMDRFREdFMTkwOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
C3nwGP6Dofnc5RLaeVRJGg==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9FAA972
x-azure-ref
0blcMYgAAAABx7zeWsNyVQKb7p/AJ4DYrRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
ef87c446-901e-0021-0b49-1d8846000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
101.d04417fbb86564a642e7.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/101.d04417fbb86564a642e7.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11393afb7a3f3bf4c1f74ae48166a8acc3ec1ef1adea6e5565973ffb1ab3a4a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0hBAGYgAAAABqEKTgw+bFQ7wRY22ZTYSdQU1TMDRFREdFMTkxNgA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
xJ6Lb7yrvDiEyKAuBGLGSQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9EE3450
x-azure-ref
0blcMYgAAAAD/laTqGk6YT6Mze0osZrpWRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
81c3481b-901e-0043-50da-1e4a61000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
104.5c7710296d26dfedcfd5.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/104.5c7710296d26dfedcfd5.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
c843edc49247a1622157e772890c0db223b1fd2f7c63f2059380a2c0e834a774

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0dOIGYgAAAACEedOFWIRqT7z3dxEw16NQQU1TMDRFREdFMTkxOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
pbFl3cI3lrl9OWDncbdOBg==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9F2AF9E
x-azure-ref
0blcMYgAAAAAIEc0UEvgIT5Eqjj42zmSBRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b6697b06-201e-000b-6f27-1f5756000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
0.06ed6a9bed8802d60b78.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		272 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/0.06ed6a9bed8802d60b78.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
abc2e11580dc60819873b3b8fe41f91ee97b6a83b232851be271d31dd149ca07

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
x-azure-ref-originshield
0My4GYgAAAAAlD/4WBiSySqgJL482bMi5QU1TMDRFREdFMTgwOAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
INRkU5qGsOydjXXrn4J3+w==
x-cache
TCP_HIT
content-length
272
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9F261DB
x-azure-ref
0blcMYgAAAACciyJgZazVTrluJLLAiqZyRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1fca6179-501e-0001-1c9c-1ef3e1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
1.ef95075721889b82360c.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		561 B
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/1.ef95075721889b82360c.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
d95df2ffd409a6b4e7abafe600db3e91ad6e38b9666c894ccda238d8446f2f0f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
x-azure-ref-originshield
0hgsMYgAAAADHrsrIztE5SoYLb+pE4HvLQU1TMDRFREdFMTgxNQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
AqjjcA8JAIryOuogEPQHMQ==
x-cache
TCP_HIT
content-length
561
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9F4E38F
x-azure-ref
0blcMYgAAAABJfBenhN2dRoh5iC3Qfd23RlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
198e9591-301e-0017-46a6-220536000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
2.3d9324d8d8808deb026b.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/2.3d9324d8d8808deb026b.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
65c6f032dc0e37b082d7a18e79bb9134bfc232868039e071e044f9da88ad54bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0teAGYgAAAABlQR34sqYMTKX809cIpZvKQU1TMDRFREdFMTkxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
cpeolc3oPEJ7tHT2gsIAng==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA26DEEC
x-azure-ref
0blcMYgAAAADGyW/8q8WkTKUaPyG5fO1GRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9d5ae4b9-301e-0007-1350-1dc05e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
7.82de3c47cebe7c9aedc9.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/7.82de3c47cebe7c9aedc9.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
1a1253124c25bd86e41410178ccbe94d5bf06dc6c02fff2c55acf26bc7292044

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0teAGYgAAAABWNA2M4lvqRpncUHjKpvCoQU1TMDRFREdFMTgxMQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
eFDZ1pIcUY0UczZHRDhSOg==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:55:00 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA526559
x-azure-ref
0blcMYgAAAAA+o0S4Tb9GTq74085DNplARlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
9a5e36d4-501e-005c-773d-1df965000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
3.3e61018615c649de32da.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/3.3e61018615c649de32da.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
41686712d0c87c7e6c31ae044bbfae89fff6dd8a39d3848b39fbea962d97f12d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0My4GYgAAAADuXenNIJJUT6RW2LNw1ftkQU1TMDRFREdFMTgxNAA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
v5PYpFfKgeHEghst+B8WoQ==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735EA31A83F
x-azure-ref
0blcMYgAAAAAjKivF8razTIDvCWuVRFD1RlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
41a78055-901e-001e-3129-1f40e5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
11.9c08ddd5f8a7e042a430.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/11.9c08ddd5f8a7e042a430.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66241ee251ee5b131179dc059f66fbc4176d0bc857b53f15e924b47200d034d9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0Lo8FYgAAAACgfGRGQvfuSLPKmALqrDumQU1TMDRFREdFMTgwOQA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
SVW14MJbFF41Za9KNeB51A==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9FAE3C6
x-azure-ref
0blcMYgAAAAB3E8fyyKDJS7/9US7JHK1DRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
12b11599-601e-0025-7b6c-1d0541000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
113.0eb1aa71a7b9fa1f0c93.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/113.0eb1aa71a7b9fa1f0c93.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
11c1e44ffac8a5a2af81c5808c80e78cf3a9e7c1587f6d6f80d24b1d44533b98

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0gUgKYgAAAADsXfZMhgskRollMrcKFbE8QU1TMDRFREdFMTgxNwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
yfU+UGIJhVbFwULQipNARg==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9FD3E9B
x-azure-ref
0blcMYgAAAADIXwi1hdE+SbzylNdlUi6NRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
41e7ca57-201e-0034-240e-209ff5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
111.7a952bac94c0f17aae6b.js
static.cognitoforms.com/form/modern/ Frame 8BB3 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cognitoforms.com/form/modern/111.7a952bac94c0f17aae6b.js
Requested by
Host: www.cognitoforms.com
URL: https://www.cognitoforms.com/f/seamless.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
5a0b520605920267a38b9ba3bff2c57619e1b417359f23fae4d66753ebe5df71

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 16 Feb 2022 01:46:21 GMT
content-encoding
br
x-azure-ref-originshield
0teAGYgAAAADcf1nVM1MtSb7cbK2A8TtdQU1TMDRFREdFMTkxMwA3NmYzYzE3Ny1kZGYzLTQ2MDktODNmYi00ZjQ2YTY1Y2JiZWY=
content-md5
kXVJf7tEvkur4Qzt+XBgnA==
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Thu, 03 Feb 2022 16:54:59 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D9E735E9FE1483
x-azure-ref
0blcMYgAAAADqMU2G94b2TbimyzqLp4KYRlJBRURHRTEwMDcANzZmM2MxNzctZGRmMy00NjA5LTgzZmItNGY0NmE2NWNiYmVm
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b496e592-201e-0034-5191-1d9ff5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=31536000
x-ms-version
2009-09-19
AuthenticationService.Authenticate
maps.googleapis.com/maps/api/js/ Frame 20B7 		62 B
84 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7m1&1e0&callback=_xdc_._lkdbea&client=google-maps-embed&token=113829
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 01:46:22 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment
server-timing
gfet4t7; dur=3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 8BB3 		225 B
242 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:700&text=Powered%20by%20Cognito%20Forms.Try%20It%20Now
Requested by
Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/154.8ce2b59188d13b55a652.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:801::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
408593915e0d55900fe4e1f774a1bc1fed5e0b87cfa3a537508ed5ce90fb2039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.cognitoforms.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 16 Feb 2022 01:46:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 16 Feb 2022 01:46:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 16 Feb 2022 01:46:22 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v21/ Frame 8BB3 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v21/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cognitoforms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 00:13:13 GMT
x-content-type-options
nosniff
age
523989
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16324
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Feb 2023 00:13:13 GMT
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v21/ Frame 8BB3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v21/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMRw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:810::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cognitoforms.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 00:13:37 GMT
x-content-type-options
nosniff
age
523965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14964
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 18:56:58 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 10 Feb 2023 00:13:37 GMT
QuotaService.RecordEvent
maps.googleapis.com/maps/api/js/ Frame 20B7 		62 B
83 B 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js/QuotaService.RecordEvent?1shttps%3A%2F%2Fwww.google.com%2Fmaps%2Fembed&2sgoogle-maps-embed&7sow873i&10e1&callback=_xdc_._jcpmmd&client=google-maps-embed&token=47656
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/47/7a/common.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
mafe /
Resource Hash
9335ca07803d3360d8e608c7f1126fc2204d51c8036ac80a3880d5c267f44397
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 16 Feb 2022 01:46:22 GMT
content-encoding
gzip
server
mafe
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
no-cache, must-revalidate
content-disposition
attachment
server-timing
gfet4t7; dur=3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
www.cognitoforms.com/svc/ Frame 8BB3 		0
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cognitoforms.com/svc/log
Requested by
Host: static.cognitoforms.com
URL: https://static.cognitoforms.com/form/modern/153.9ca58454003a22b55cfe.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.4.241 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=35136000; includeSubDomains

Request headers

Referer
https://www.cognitoforms.com/f/Tvg7jDdv30WqXFGuvk-qBQ/1
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-type
application/json

Response headers

strict-transport-security
max-age=35136000; includeSubDomains
vary
Origin
access-control-allow-origin
https://www.cognitoforms.com
p3p
CP="Cognito does not have a P3P policy. Visit https://cognitoforms.com/privacy for details."
content-length
0
request-context
appId=cid-v1:bac45fa9-8f8e-4ddb-8e70-d648fe57a27a
x-server-time
2022-02-16T01:46:22.200Z
server
Microsoft-IIS/10.0
date
Wed, 16 Feb 2022 01:46:22 GMT
x-role-instance
Cognito.Services_IN_7
pragma
no-cache
access-control-expose-headers
X-SessionToken,X-Server-Time
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-request-time
1087ms
expires
-1

Verdicts & Comments Add Verdict or Comment

43 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone function| $ function| jQuery object| FontAwesomeKitConfig function| IScroll object| cfWebpackJsonp object| core function| Cognito string| __webpack_public_path__ object| __CARDSETTER_PUBLIC_REDUX_STATE__ object| __CARDSETTER_PUBLIC_APOLLO_STATE__ object| jQuery111303507497437526781 number| testimonialsInterval object| __LOADABLE_LOADED_CHUNKS__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill number| 2f1acc6c3a606b082e5eef5e54414ffb function| __extends function| __assign function| __rest function| __decorate function| __param function| __metadata function| __awaiter function| __generator function| __exportStar function| __values function| __read function| __spread function| __spreadArrays function| __await function| __asyncGenerator function| __asyncDelegator function| __asyncValues function| __makeTemplateObject function| __importStar function| __importDefault function| Quill object| __APOLLO_CLIENT__

2 Cookies

Domain/Path Name / Value
www.cognitoforms.com/ Name: ai_user
Value: vrDen|2022-02-16T01:46:22.014Z
www.cognitoforms.com/ Name: ai_session
Value: i9S+W|1644975982153.7|1644975982153.7

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cardsetter.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
freedomtaxrefund.com
ka-f.fontawesome.com
kit.fontawesome.com
maps.googleapis.com
maps.gstatic.com
static.cognitoforms.com
www.cognitoforms.com
www.freedomtaxrefund.com
www.google.com
23.96.4.241
2606:4700::6810:125e
2606:4700::6812:1734
2620:1ec:bdf::44
2a00:1450:4001:801::2003
2a00:1450:4001:80e::200a
2a00:1450:400e:801::2004
2a00:1450:400e:801::200a
2a00:1450:400e:80e::200a
2a00:1450:400e:810::2003
2a06:98c1:3120::f
34.83.38.241
05d055c4cb935414f1cc2eb7ffec3f85f541991a10899c53baf31a1e630a78fd
098695ed055199f9a99f3f7689cc444871533b9227764b0193025fdc6e78ab17
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0c6f9736cf91966550d126318c461a04f4f0d179161529ebe884e7e234af1c6c
11393afb7a3f3bf4c1f74ae48166a8acc3ec1ef1adea6e5565973ffb1ab3a4a5
11c1e44ffac8a5a2af81c5808c80e78cf3a9e7c1587f6d6f80d24b1d44533b98
1a0ba9ad4fee38586304bea3273545f7692a214ff2a3742f515b0c17de7c12b3
1a1253124c25bd86e41410178ccbe94d5bf06dc6c02fff2c55acf26bc7292044
1ca4c29158f1f930b2cf696a87f1a5c6e242efb401e6cec78e0986a7f732c55c
1d514a054f21f921ef508361726cd32a940e9e2e1ac414edd4391631af58591d
2107a3465e87623f98f69f02f7e5bd66b67268784ee211090f7502774ad0085d
23173c3ea07b31e220006cf4684515fe0d7b5e5b8dc23a10b388567eb9eafdc7
2f92407137772390642807181f66682460324b65bc718eff81238dbef9eda495
32c1cf52bfba378e0488557e63a71e251bd2ca5519fe73665d483d6f0f19584a
347ba305e0271a63c6194c4491c697c062b49313aaa5e1ee6119fcbaad653e70
35d4c53d144317aa45cb2ba8b17adeb73cdbb1a2ddbb8cfd9020b80a88d30197
36cee952a1cc4af1b3784e5f52731e544f323e198f32248ce18947ac80d27920
38cd770dbbb79722083eac0846f9d4776b7f2ac51c0fb498137aead03050b196
3ae19d5d5f2ed1ba5aa1330f7c8a6ba2d7245f8b75345e9125967a38244c8bd2
408593915e0d55900fe4e1f774a1bc1fed5e0b87cfa3a537508ed5ce90fb2039
41686712d0c87c7e6c31ae044bbfae89fff6dd8a39d3848b39fbea962d97f12d
48e413a76487cba709bc886dc65101fa4540e9fd7706d2df3aee616ce44b7dce
50e19d50d6bbabc48ee863b9904a7d61ed31813259e4f60d2a5d449235c77f1c
529c90edaa72f59d520b28990d2c221b4b75d2c27560213a8518d7669ae32a6c
52d5d24d30ef6cd9ffe67b7830bc6a58028142044a7e9e584e4bd685b908e0d6
58d1bb2f4f1e5a6ed723c936429b37a10c1ab9faa7bdfc8795caa09e61ae730f
59283f95a847220905eb3934b86da7c752a4b1f7581852876189cd9cedf5174a
5a0b520605920267a38b9ba3bff2c57619e1b417359f23fae4d66753ebe5df71
621a5a19aa5f2305d640063ce171a1dbf194d96997c307cd1e93e37064af1db7
65c6f032dc0e37b082d7a18e79bb9134bfc232868039e071e044f9da88ad54bb
66241ee251ee5b131179dc059f66fbc4176d0bc857b53f15e924b47200d034d9
69a2532196c3fa6b003bab159a9af83a56fec3e189a450c3eb9c4b1122a3bd17
6a6c4976cad4b4d235badc49a2906c1877af0039eb8b7e868ad3d242a0b97969
6b0b111ca14c2147a0f0cb51f1317290eb5ec19b4a9bea595a5ad7ffb7d9661a
6d76ea937dcf5533f1fa4a1d930ee8208cb538cc4ff0b1728f657f4c606731b5
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
721fb9398629ae4ac2169b208a651f09a7d5e5a370323fcf8891428acc94a4ea
7342f390b12f636d14e25f698fc5e38cf6240994dc0c07fefbbb4e78ec4d03c7
793817390b35bd74ec65da7f2a25f446089ffb34d71576fdb104838a841cfd9e
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
83c0510a92f130a0d189183d4e148c2ba37b08265f75fff578300b12fca7a5a3
8a675aa92f8534908d01185a7ca590565615ee4385a88a5b5a789395ee359694
8d83b16e8e509c614fedea4b882cf8d045e4f195506a5184258b68bae8693069
9335ca07803d3360d8e608c7f1126fc2204d51c8036ac80a3880d5c267f44397
9473375ad87ce6b6a0ffcf10091df24b56b0492ac233b5d106716f4a728ec71c
95ea62b1500600dbaf8354a2a2a8f0f9e9d023217c53bb215a9aaa0524a44efb
987296189f8b1a81e92753d3b1e6ead067e68b362ce5315ac6af4ecc18ca9272
a5490df5af20a737d00e6020ad9801673b3b43a9da5905ca0f84ad71ec0b1173
a96b79230a7166f85e822caf6ebc7f0481a83c98099e1004c5b9b9aba3c4743c
abc2e11580dc60819873b3b8fe41f91ee97b6a83b232851be271d31dd149ca07
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b245b27f8ac2e960c979c5d82925c30e217524874881eac4675452849e5a435b
b7fcf1c20c5f23a23d5487b6b6ec1122d00eb5ca22f694af86ccc6aa2b0b3c5d
b810cb33011deed26409b4712ba37631f155248959015d6e41f40e7c7d2f3c2d
bf85f082ac0307f67e36e703a07cd187c3081bbb396f42c4c6a3470cdc9fae80
c47f95e9a29b4fcad6992ec3cfa56b9d07e52d1e66673b4b97d52a8895d96676
c647453a432159332ad3cb5df3c7e122b0e1c03ddcc420a0e2aca1d5d53d0fde
c843edc49247a1622157e772890c0db223b1fd2f7c63f2059380a2c0e834a774
c94927a230b441711db5512dccb43c84fcecce42c1961e9eb91f9fc4dcf99b0a
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d95df2ffd409a6b4e7abafe600db3e91ad6e38b9666c894ccda238d8446f2f0f
da4ce6a7f2dd3eee8d5424c9b9c1ea0e5ccacd5797dbb10375a8a489b9f3c993
e03cdc1caac9c533c272d90d66283fc3a9302e0a44df542188821f3cdcab326f
e0828d30d904cdb14a90cff420541165a1eb0567dee4300186565f367018fd06
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ac21195cd239608cdf470b20c81a1d8de25078509d8bee2eb740ed86ca367c
e8787b986ce1452c351a4976cb95b95be50429a278530debf91d524e72a65ec8
eee5ebb47afff7b721c9a558a3521342370e4466ba4bd01357364672ae384681
f8d6c91271d85f726d1ebd434e4fa3af40d9db3ef79ff334ad5cb1e291231b16
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda