Submitted URL: http://isomtaxapp.com/
Effective URL: https://taxestogo.com/App/Download/83972
Submission Tags: suspect
Submission: On November 16 via api from BR — Scanned from DE

Summary

This website contacted 12 IPs in 4 countries across 12 domains to perform 38 HTTP transactions. The main IP is 104.18.40.81, located in and belongs to CLOUDFLARENET, US. The main domain is taxestogo.com.
TLS certificate: Issued by WR1 on October 30th 2024. Valid for: 3 months.
This is the only time taxestogo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
21 104.18.40.81 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.99 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 65.9.7.195 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.185.99 15169 (GOOGLE)
38 12
Apex Domain | Subdomains | Transfer
21 taxestogo.com | taxestogo.com | 173 KB
4 gstatic.com | fonts.gstatic.com | 31 KB
2 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 | 22 KB
2 googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 39 | 177 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 29 | 1 KB
2 jscrambler.com | sly01337.jscrambler.com — Cisco Umbrella Rank: 547724 | 151 KB
1 google.de | www.google.de — Cisco Umbrella Rank: 10745 | 63 B
1 doubleclick.net | stats.g.doubleclick.net — Cisco Umbrella Rank: 135 | 552 B
1 google.com | region1.analytics.google.com — Cisco Umbrella Rank: 4108 |
1 cloudfront.net | d22xmn10vbouk4.cloudfront.net | 19 KB
1 cloudflareinsights.com | static.cloudflareinsights.com — Cisco Umbrella Rank: 617 | 7 KB
1 isomtaxapp.com | isomtaxapp.com | 328 B
38 12
Domain Requested by
21 taxestogo.com taxestogo.com
sly01337.jscrambler.com
4 fonts.gstatic.com fonts.googleapis.com
2 www.google-analytics.com sly01337.jscrambler.com
2 www.googletagmanager.com taxestogo.com
sly01337.jscrambler.com
2 fonts.googleapis.com taxestogo.com
2 sly01337.jscrambler.com taxestogo.com
sly01337.jscrambler.com
1 www.google.de taxestogo.com
1 stats.g.doubleclick.net sly01337.jscrambler.com
1 region1.analytics.google.com sly01337.jscrambler.com
1 d22xmn10vbouk4.cloudfront.net sly01337.jscrambler.com
1 static.cloudflareinsights.com taxestogo.com
1 isomtaxapp.com 1 redirects
38 12

This site contains no links.

Subject | Issuer | Validity | Valid
taxestogo.com | WR1 | 2024-10-30 - 2025-01-28 | 3 months
*.jscrambler.com | Thawte TLS RSA CA G1 | 2024-03-13 - 2025-04-13 | a year
cloudflareinsights.com | WE1 | 2024-11-01 - 2025-01-30 | 3 months
upload.video.google.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.gstatic.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
*.g.doubleclick.net | WR2 | 2024-10-21 - 2025-01-13 | 3 months
*.google.de | WR2 | 2024-10-21 - 2025-01-13 | 3 months

This page contains 1 frames:

Primary Page: https://taxestogo.com/App/Download/83972
Frame ID: C5AC0DAEA9554BE508F76A24DCFE250A
Requests: 39 HTTP requests in this frame

Page Title

Isom Capital Tax | Referral Download

Page URL History

  1. http://isomtaxapp.com/ HTTP 307
    https://isomtaxapp.com/ HTTP 301
    https://taxestogo.com/App/Download/83972 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js


Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

38
Requests

100 %
HTTPS

58 %
IPv6

12
Domains

12
Subdomains

12
IPs

4
Countries

582 kB
Transfer

1993 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://isomtaxapp.com/ HTTP 307
    https://isomtaxapp.com/ HTTP 301
    https://taxestogo.com/App/Download/83972 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 83972
taxestogo.com/App/Download/
Redirect Chain
  • http://isomtaxapp.com/
  • https://isomtaxapp.com/
  • https://taxestogo.com/App/Download/83972
79 KB
52 KB
Document
General
Full URL
https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dffed7a863fa1a815c9af1ad942cb77aea9cd97875fdcf9b08552c2670b1c31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0

Response headers

accept-ch
Sec-CH-UA-Full-Version-List
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
8e38582dad45e527-TXL
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 16 Nov 2024 14:59:22 GMT
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
x-aspnet-version
4.0.30319
x-aspnetmvc-version
x-who
PRC6

Redirect headers

Connection
close
Content-Length
75
Content-Type
text/html; charset=utf-8
Date
Sat, 16 Nov 2024 14:59:21 GMT
Location
https://taxestogo.com/App/Download/83972
Server
ip-100-74-4-88.eu-west-2.compute.internal
Vary
Accept-Encoding
X-Request-Id
eff3c4be-9908-4ef1-93d9-633fd40b4f69
bootstrap.css
taxestogo.com/Content/
118 KB
20 KB
Stylesheet
General
Full URL
https://taxestogo.com/Content/bootstrap.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA8
content-encoding
br
cf-cache-status
HIT
etag
W/"76fcdcdf7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6e8ae527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:48 GMT
x-aspnetmvc-version
server
cloudflare
vary
Accept-Encoding
animate.css
taxestogo.com/Content/
71 KB
5 KB
Stylesheet
General
Full URL
https://taxestogo.com/Content/animate.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA9
content-encoding
br
cf-cache-status
HIT
etag
W/"3ad2ade7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6e8de527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:45 GMT
vary
Accept-Encoding
server
cloudflare
font-awesome.css
taxestogo.com/Content/fonts/font-awesome/css/
27 KB
7 KB
Stylesheet
General
Full URL
https://taxestogo.com/Content/fonts/font-awesome/css/font-awesome.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b5b6ddb40da6bad3c360ea658fc956a4d9226783ccfca9356a2aac5c49e1af2

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA5
content-encoding
br
cf-cache-status
HIT
etag
W/"5bc90dd7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6e90e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:43 GMT
x-aspnetmvc-version
server
cloudflare
vary
Accept-Encoding
flexslider.css
taxestogo.com/Content/
7 KB
2 KB
Stylesheet
General
Full URL
https://taxestogo.com/Content/flexslider.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5866500ce35d12dd24ad7bc4d1d96762ed895784ad46bae3dcf2715b73b75fa

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA10
content-encoding
br
cf-cache-status
HIT
etag
W/"c0da83de7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6e93e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:46 GMT
vary
Accept-Encoding
server
cloudflare
owl.carousel.css
taxestogo.com/Content/
1 KB
605 B
Stylesheet
General
Full URL
https://taxestogo.com/Content/owl.carousel.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA6
content-encoding
br
cf-cache-status
HIT
etag
W/"4853c4dc7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6e98e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:43 GMT
x-aspnetmvc-version
server
cloudflare
vary
Accept-Encoding
owl.theme.css
taxestogo.com/Content/
2 KB
712 B
Stylesheet
General
Full URL
https://taxestogo.com/Content/owl.theme.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91ee720f3c25ec6b209d88019c20e2592340ff1fe1c94f3d5431e5fd1e77e5dc

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA16
content-encoding
br
cf-cache-status
HIT
etag
W/"143eacdf7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6e9ce527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:48 GMT
vary
Accept-Encoding
server
cloudflare
owl.transitions.css
taxestogo.com/Content/
4 KB
814 B
Stylesheet
General
Full URL
https://taxestogo.com/Content/owl.transitions.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
711bc5b0b8c40e39b2560e65797d175e72a89b49ebbc266a7c7b581c4bec4b21

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA1
content-encoding
br
cf-cache-status
HIT
etag
W/"e85944e47e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6e9ee527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:56 GMT
vary
Accept-Encoding
server
cloudflare
style.css
taxestogo.com/Content/scss/
17 KB
3 KB
Stylesheet
General
Full URL
https://taxestogo.com/Content/scss/style.css
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd542dddfea5cef7e64e50e080af32a2b9ac04b18e8be56cfa7c833419ea9ef7

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA4
content-encoding
br
cf-cache-status
HIT
etag
W/"38c8cedc7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6ea2e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css
last-modified
Thu, 14 Nov 2024 10:20:43 GMT
x-aspnetmvc-version
server
cloudflare
vary
Accept-Encoding
1588655105.js
sly01337.jscrambler.com/cc/
683 KB
151 KB
Script
General
Full URL
https://sly01337.jscrambler.com/cc/1588655105.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5983b097f3a77c9b1c98cc03cc0fd787ee4cc5e9c02df3527765ee961a66dc9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=0, s-maxage=30, stale-while-revalidate=30
content-encoding
gzip
cf-cache-status
HIT
etag
W/"1730381098888"
x-content-type-options
nosniff
cf-ray
8e3858320cb8aca4-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
x-xss-protection
1;mode=block
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
cloudflare
modernizr-2.6.2.js
taxestogo.com/Scripts/
50 KB
16 KB
Script
General
Full URL
https://taxestogo.com/Scripts/modernizr-2.6.2.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06c8a7e392e128a69c6b160cd54d613191a3446f24c8adff3cb93d916fc8fe7

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA7
content-encoding
br
cf-cache-status
HIT
etag
W/"17af3fde7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f6ea4e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:46 GMT
x-aspnetmvc-version
server
cloudflare
vary
Accept-Encoding
jquery-3.1.1.js
taxestogo.com/Scripts/
100 KB
32 KB
Script
General
Full URL
https://taxestogo.com/Scripts/jquery-3.1.1.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
934aa093fe0606814af7fd59ee273b1cf6c14ae45b6c60a2083040b1fcff182d

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA2
content-encoding
br
cf-cache-status
HIT
etag
W/"a92a7edc7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fa5e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:43 GMT
x-aspnetmvc-version
server
cloudflare
vary
Accept-Encoding
jquery-migrate.js
taxestogo.com/Scripts/
7 KB
3 KB
Script
General
Full URL
https://taxestogo.com/Scripts/jquery-migrate.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA5
content-encoding
br
cf-cache-status
HIT
etag
W/"d32f44dd7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fa8e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:44 GMT
x-aspnetmvc-version
server
cloudflare
vary
Accept-Encoding
jquery.scrollTo.js
taxestogo.com/Scripts/
3 KB
1 KB
Script
General
Full URL
https://taxestogo.com/Scripts/jquery.scrollTo.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e6edd9079f88ec95d66142c9d30f5c072e3c2e2be2bbe4514fca2e7025cad3e

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA12
content-encoding
br
cf-cache-status
HIT
etag
W/"86cfbfde7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fabe527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:46 GMT
vary
Accept-Encoding
server
cloudflare
bootstrap.js
taxestogo.com/Scripts/
36 KB
10 KB
Script
General
Full URL
https://taxestogo.com/Scripts/bootstrap.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRC15
content-encoding
br
cf-cache-status
HIT
etag
W/"a6ccf2df7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fade527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:48 GMT
vary
Accept-Encoding
server
cloudflare
jquery.easing.1.3.js
taxestogo.com/Scripts/
7 KB
2 KB
Script
General
Full URL
https://taxestogo.com/Scripts/jquery.easing.1.3.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c2814936ac13f206f1e09255f75d3faafbb29bddbe22e93fd6464f817ca49e

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA15
content-encoding
br
cf-cache-status
HIT
etag
W/"f83e4e07e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fb0e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:48 GMT
vary
Accept-Encoding
server
cloudflare
jquery.flexslider.js
taxestogo.com/Scripts/flexslider/
22 KB
6 KB
Script
General
Full URL
https://taxestogo.com/Scripts/flexslider/jquery.flexslider.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df3f85779a6ccee916f58e95d0e385d2f439bb0345d2f83fe404f6649a391912

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRC13
content-encoding
br
cf-cache-status
HIT
etag
W/"476d69df7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fb3e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:47 GMT
vary
Accept-Encoding
server
cloudflare
wow.js
taxestogo.com/Scripts/wow/dist/
8 KB
3 KB
Script
General
Full URL
https://taxestogo.com/Scripts/wow/dist/wow.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfa1739ee346d63a3d3cfdff8c18cbe8fdedbcb32d4b0895028c193ce828e7a5

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA11
content-encoding
br
cf-cache-status
HIT
etag
W/"d482e4de7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fb4e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:47 GMT
vary
Accept-Encoding
server
cloudflare
owl.carousel.js
taxestogo.com/Scripts/owl-carousel/
23 KB
7 KB
Script
General
Full URL
https://taxestogo.com/Scripts/owl-carousel/owl.carousel.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA13
content-encoding
br
cf-cache-status
HIT
etag
W/"895665df7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fb5e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:47 GMT
vary
Accept-Encoding
server
cloudflare
custom.js
taxestogo.com/Scripts/
3 KB
1 KB
Script
General
Full URL
https://taxestogo.com/Scripts/custom.js
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fa5244a8fc2ddd1be0b724fc35287a7da28b83452b92a756815a182afacd4da

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRA14
content-encoding
br
cf-cache-status
HIT
etag
W/"9597e6df7e36db1:0"
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e38582f9fb8e527-TXL
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript
last-modified
Thu, 14 Nov 2024 10:20:48 GMT
vary
Accept-Encoding
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://taxestogo.com
Referer
https://taxestogo.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e385831f9b5e509-TXL
access-control-allow-origin
*
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
css
fonts.googleapis.com/
4 KB
905 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Poppins:400,700,600,500,300
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/Content/scss/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
77a1fce6fc47668e66d87e300b665b5901aa0e62c98e2a48e023093a5b9fd9e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 14:59:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
css
fonts.googleapis.com/
403 B
369 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Indie+Flower
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/Content/scss/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3ca7f2b286ce3ff0d9bd8dc59162388b9c130acd12fcf424975c291d67e3ff01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 14:59:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,600,500,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://taxestogo.com
Referer
https://fonts.googleapis.com/

Response headers

age
255771
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:56:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:56:31 GMT
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7844
x-xss-protection
0
server
sffe
gtm.js
www.googletagmanager.com/
217 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MVD5BC
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d61249f63ad5f4a14342441f0f896100ceb26c7dc4844a0baffbf10ab6a227de
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Sat, 16 Nov 2024 14:59:22 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 14:59:22 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Sat, 16 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
79836
x-xss-protection
0
server
Google Tag Manager
truncated
/
51 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2473b579e5c047c6d4e77e4cd034ff6b027d31b4c8fcc7f5fa6e4c680af2d6d5

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer

Response headers

Content-Type
image/png
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,600,500,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://taxestogo.com
Referer
https://fonts.googleapis.com/

Response headers

age
256446
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:45:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:45:16 GMT
last-modified
Fri, 22 Mar 2024 00:00:51 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7900
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,600,500,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
197a3cbd7290c242c5c765268cdd69a9a39867fdc80cd13071f243a81c56fb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://taxestogo.com
Referer
https://fonts.googleapis.com/

Response headers

age
256541
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 15:43:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 15:43:41 GMT
last-modified
Fri, 22 Mar 2024 00:00:31 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7848
x-xss-protection
0
server
sffe
pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFd2JQEk.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400,700,600,500,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
289e0afc8be731a86822349e54557296f145926496bd2138db1bac0db77f77a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Origin
https://taxestogo.com
Referer
https://fonts.googleapis.com/

Response headers

age
396092
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 12 Nov 2025 00:57:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 12 Nov 2024 00:57:50 GMT
last-modified
Fri, 22 Mar 2024 00:00:33 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7740
x-xss-protection
0
server
sffe
opafktdbbto
sly01337.jscrambler.com/
612 B
726 B
XHR
General
Full URL
https://sly01337.jscrambler.com/opafktdbbto
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:320 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
304442b12b466fc80087d89036020d3edf5eab2a322429ee2b9f2f70aee9934a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1;mode=block

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain;charset=UTF-8
Referer
https://taxestogo.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
DYNAMIC
etag
W/"264-v8yEKL+TqSlsxAChFB1C648AKvg"
x-content-type-options
nosniff
cf-ray
8e38583449bc2685-TXL
access-control-allow-origin
*
date
Sat, 16 Nov 2024 14:59:23 GMT
x-xss-protection
1;mode=block
content-type
text/plain; charset=utf-8
vary
Accept-Encoding
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

content-encoding
gzip
age
5356
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Sat, 16 Nov 2024 15:30:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 13:30:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
328e1aec623111eea7690af2724de0e9.js
d22xmn10vbouk4.cloudfront.net/
69 KB
19 KB
Script
General
Full URL
https://d22xmn10vbouk4.cloudfront.net/328e1aec623111eea7690af2724de0e9.js
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.195 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-195.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8a6c350e536a1acd01f5f26e14c4ee5c45327c125809ce03868a3e46ebcc92b

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

vary
accept-encoding
cache-control
public, max-age=601
content-encoding
gzip
etag
W/"64023dcce2c5fe72115241f19d0ad834"
via
1.1 fdd677a35b242f0199586a71e2f6859e.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
9W1l7TGGNRu8rkdI8sjwVFyWMXeKIk6lzH2g-gr_1IO8VN2HchVD8g==
date
Sat, 16 Nov 2024 14:59:24 GMT
content-type
text/javascript
last-modified
Sat, 16 Nov 2024 00:04:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
x-amz-server-side-encryption
AES256
collect
www.google-analytics.com/j/
15 B
432 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=153984102&t=pageview&_s=1&dl=https%3A%2F%2Ftaxestogo.com%2FApp%2FDownload%2F83972&ul=de-de&de=UTF-8&dt=Isom%20Capital%20Tax%20%7C%20Referral%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=627385431&gjid=841371196&cid=836725813.1731769163&tid=UA-83283-26&_gid=200495260.1731769163&_r=1&_slc=1&gtm=45He4bc0n71MVD5BCv72792934za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855&npa=1&z=406910703
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
39c8a6a8a1df858ec3aae690a7ab387556170936c74fed66da9cae08f213f865
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Content-Type
text/plain
Referer
https://taxestogo.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 14:59:23 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://taxestogo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
js
www.googletagmanager.com/gtag/
280 KB
98 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V0FY2Q94L2&cx=c&_slc=1
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c04ec3a005727ce701580a1fc6458c82eaa862b9a1c8a54c1af17c08b8ccbf35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sat, 16 Nov 2024 14:59:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 14:59:23 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
100303
x-xss-protection
0
server
Google Tag Manager
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-V0FY2Q94L2&gtm=45je4bc0v9126564846za200&_p=1731769162504&_gaz=1&gcd=13l3l3l2l3l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067554~102067808~102077855&ul=de-de&sr=1600x1200&cid=836725813.1731769163&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Ftaxestogo.com%2FApp%2FDownload%2F83972&dt=Isom%20Capital%20Tax%20%7C%20Referral%20Download&sid=1731769163&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1601
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://taxestogo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 14:59:23 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
552 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V0FY2Q94L2&cid=836725813.1731769163&gtm=45je4bc0v9126564846za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://taxestogo.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 16 Nov 2024 14:59:23 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V0FY2Q94L2&cid=836725813.1731769163&gtm=45je4bc0v9126564846za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l3l1&npa=1&frm=0&tag_exp=101925629~102067554~102067808~102077855&tag_exp=101925629~102067554~102067808~102077855&z=638407307
Requested by
Host: taxestogo.com
URL: https://taxestogo.com/App/Download/83972
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Sat, 16 Nov 2024 14:59:23 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
rum
taxestogo.com/cdn-cgi/
0
211 B
XHR
General
Full URL
https://taxestogo.com/cdn-cgi/rum?
Requested by
Host: sly01337.jscrambler.com
URL: https://sly01337.jscrambler.com/cc/1588655105.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
content-type
application/json
Referer
https://taxestogo.com/App/Download/83972

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e3858388f72e527-TXL
access-control-allow-origin
https://taxestogo.com
date
Sat, 16 Nov 2024 14:59:23 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.ico
taxestogo.com/
1 KB
636 B
Other
General
Full URL
https://taxestogo.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.40.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

User-Agent
Mozilla/5.0 (Android 13; Mobile; rv:112.0) Gecko/112.0 Firefox/112.0
Referer
https://taxestogo.com/App/Download/83972

Response headers

x-who
PRC3
content-encoding
br
cf-cache-status
HIT
accept-ch
Sec-CH-UA-Full-Version-List
cf-ray
8e3858389f7fe527-TXL
date
Sat, 16 Nov 2024 14:59:23 GMT
content-type
text/html
vary
Accept-Encoding
x-aspnetmvc-version
server
cloudflare

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5
object| Modernizr
object| dataLayer
function| navigateToPrivacyPolicy
function| $
function| jQuery
function| WOW
object| __cfBeacon
object| wgxpath
object| google_tag_manager
object| google_tag_data
string| GoogleAnalyticsObject
function| ga
object| gaplugins
object| gaGlobal
object| gaData
object| tiMonitor
function| EMPTY_FUN
object| taginspector
string| ua

6 Cookies

Domain/Path Name / Value
.taxestogo.com/ Name: __cf_bm
Value: D4wkREG_geURJtzxCSK1HqQM_ECDOLUaVRb3LQj6xpM-1731769162-1.0.1.1-hxLX7XTZVnIpc6mDYASfTG3XEF.PyHOaw9enA6MnRcy7HBAd020z2u8T62Gau0XodWsnmkARzNN83LPikzcBZQ
taxestogo.com/ Name: __cflb
Value: 0H28vk4vRxJ6AJUsEnnSQFbqgA864K8tPggfB5Ey6ps
.taxestogo.com/ Name: _ga
Value: GA1.2.836725813.1731769163
.taxestogo.com/ Name: _gid
Value: GA1.2.200495260.1731769163
.taxestogo.com/ Name: _gat_UA-83283-26
Value: 1
.taxestogo.com/ Name: _ga_V0FY2Q94L2
Value: GS1.2.1731769163.1.0.1731769163.60.0.0

3 Console Messages

Source Level URL
Text
rendering warning URL: https://taxestogo.com/App/Download/83972(Line 4)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
rendering warning URL: https://taxestogo.com/App/Download/83972(Line 7)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
network error URL: https://taxestogo.com/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
