retirementtaxbill.com Open in urlscan Pro
18.119.125.24  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response retirementtaxbill.com/	1 KB 862 B	352ms 106ms	Document text/html	18.119.125.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://retirementtaxbill.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.119.125.24 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-119-125-24.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 956bf0a97b1d1e65658bf972659aaf4ae509dd784de9faffcfb20ec70def5d5f Request headers Host retirementtaxbill.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Server nginx/1.18.0 (Ubuntu) Date Tue, 28 Sep 2021 21:10:31 GMT Content-Type text/html Last-Modified Tue, 28 Sep 2021 18:54:00 GMT Transfer-Encoding chunked Connection keep-alive ETag W/"615364c8-4f1" Content-Encoding gzip
GET H/1.1	200 OK	app.4f70d664.css retirementtaxbill.com/css/	2 KB 2 KB	104ms 104ms	Stylesheet text/css	18.119.125.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://retirementtaxbill.com/css/app.4f70d664.css Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.119.125.24 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-119-125-24.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 8a8a0dbf91f97339d0179d30b6c1c538f6b07b7de612acea2936428d0dfaa3ba Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host retirementtaxbill.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://retirementtaxbill.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 21:10:31 GMT Last-Modified Tue, 28 Sep 2021 18:53:56 GMT Server nginx/1.18.0 (Ubuntu) ETag "615364c4-72e" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1838
GET H/1.1	200 OK	chunk-vendors.958b4489.css retirementtaxbill.com/css/	378 KB 379 KB	314ms 210ms	Stylesheet text/css	18.119.125.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://retirementtaxbill.com/css/chunk-vendors.958b4489.css Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.119.125.24 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-119-125-24.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 04fb7f7a91fa7544024d0d5b4dae27be3e27f949d14433135dfc3f70f51a3a97 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host retirementtaxbill.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,*/*;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://retirementtaxbill.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 21:10:31 GMT Last-Modified Tue, 28 Sep 2021 18:53:56 GMT Server nginx/1.18.0 (Ubuntu) ETag "615364c4-5e97e" Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 387454
GET H/1.1	200 OK	app.18afb032.js Show response retirementtaxbill.com/js/	22 KB 22 KB	411ms 204ms	Script application/javascript	18.119.125.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://retirementtaxbill.com/js/app.18afb032.js Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.119.125.24 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-119-125-24.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 7d75968cafc48a827aa4d6be3ec4ac62894636a0414a60b8609d0470a61d5ae9 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host retirementtaxbill.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://retirementtaxbill.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 21:10:31 GMT Last-Modified Tue, 28 Sep 2021 18:53:58 GMT Server nginx/1.18.0 (Ubuntu) ETag "615364c6-5640" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 22080
GET H/1.1	200 OK	chunk-vendors.a1bb949c.js Show response retirementtaxbill.com/js/	425 KB 425 KB	412ms 204ms	Script application/javascript	18.119.125.24 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://retirementtaxbill.com/js/chunk-vendors.a1bb949c.js Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.119.125.24 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-119-125-24.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 58b2b9df4beaebf132e1ed0bc7b0e0d7464b576136ac0bd1a2fdd92cc78ce9a4 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host retirementtaxbill.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept */* Cache-Control no-cache Sec-Fetch-Dest script Referer https://retirementtaxbill.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 21:10:31 GMT Last-Modified Tue, 28 Sep 2021 18:53:58 GMT Server nginx/1.18.0 (Ubuntu) ETag "615364c6-6a428" Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 435240
GET H2	200	css2 fonts.googleapis.com/	14 KB 1 KB	93ms 32ms	Stylesheet text/css	142.250.185.170 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.170 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f10.1e100.net Software ESF / Resource Hash 130e732db4342be303b045a8f292a6b809b7eea95ead3c1975a63d109f3c3e52 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 28 Sep 2021 20:04:02 GMT server ESF date Tue, 28 Sep 2021 21:10:31 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 28 Sep 2021 21:10:31 GMT
GET H2	200	materialdesignicons.min.css cdn.jsdelivr.net/npm/@mdi/font@5.x/css/	268 KB 43 KB	39ms 7ms	Stylesheet text/css	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@mdi/font@5.x/css/materialdesignicons.min.css Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 34130 x-jsd-version 5.9.55 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 44082 etag W/"42ee2-CKTXny4oZWgGaKw+ActLLIvSXKE" x-served-by cache-fra19129-FRA, cache-hhn4062-HHN x-jsd-version-type version date Tue, 28 Sep 2021 21:10:31 GMT vary Accept-Encoding content-type text/css; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
GET H/1.1	200 OK	605875159 Show response player.vimeo.com/video/ Frame DF5E	16 KB 8 KB	269ms 223ms	Document text/html	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://player.vimeo.com/video/605875159?h=1e06f9d73c Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/js/chunk-vendors.a1bb949c.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 13be591bddc944c13a0a9b16beaa2e4f08dd2c94a2306f82ef6426329bb71cc7 Security Headers Name Value Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Host player.vimeo.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://retirementtaxbill.com/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ Response headers Connection keep-alive Content-Length 5408 Server nginx Content-Type text/html; charset=UTF-8 X-Xss-Protection 1; mode=block Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://wirewax.s3.eu-west-1.amazonaws.com https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com https://*.wirewax.com https://wirewax.s3.eu-west-1.amazonaws.com https://sqs.us-east-1.amazonaws.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://wirewax.s3.eu-west-1.amazonaws.com https://studio-media.wirewax.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com X-Content-Type-Options nosniff Content-Encoding gzip Strict-Transport-Security max-age=31536000; includeSubDomains; preload Link <https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin P3p CP="This is not a P3P policy! See https://vimeo.com/privacy" Expires Tue, 28 Sep 2021 21:20:32 GMT Via 1.1 varnish, 1.1 varnish Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 X-Varnish-Cache 0 X-VServer infra-playproxy-b-1 X-Vimeo-DC ge Accept-Ranges bytes Date Tue, 28 Sep 2021 21:10:32 GMT Age 0 X-Served-By cache-hhn4069-HHN X-Cache MISS X-Cache-Hits 0 X-Timer S1632863432.329668,VS0,VE217 Vary Accept-Encoding X-Player-Backend p
GET H/1.1	200 OK	herobg.dffb2ad5.png retirementtaxbill.com/img/	1018 KB 1018 KB	104ms 103ms	Image image/png	18.119.125.24 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://retirementtaxbill.com/img/herobg.dffb2ad5.png Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 18.119.125.24 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-119-125-24.us-east-2.compute.amazonaws.com Software nginx/1.18.0 (Ubuntu) / Resource Hash 70488ef7f38058eb3bfcea7f96eb12183f864af75393c7d6d643a96122841832 Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host retirementtaxbill.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 Cache-Control no-cache Sec-Fetch-Dest image Referer https://retirementtaxbill.com/ Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://retirementtaxbill.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Tue, 28 Sep 2021 21:10:32 GMT Last-Modified Tue, 21 Sep 2021 17:41:06 GMT Server nginx/1.18.0 (Ubuntu) ETag "614a1932-fe895" Content-Type image/png Connection keep-alive Accept-Ranges bytes Content-Length 1042581
GET H2	200	memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 fonts.gstatic.com/s/opensans/v26/	44 KB 44 KB	58ms 16ms	Font font/woff2	172.217.23.99 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensans/v26/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@300;400;600;700;800&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.99 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f3.1e100.net Software sffe / Resource Hash 538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://retirementtaxbill.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Thu, 23 Sep 2021 17:04:31 GMT x-content-type-options nosniff age 446761 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 44760 x-xss-protection 0 last-modified Thu, 23 Sep 2021 16:50:17 GMT server sffe report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="apps-themes" expires Fri, 23 Sep 2022 17:04:31 GMT
GET H2	200	materialdesignicons-webfont.woff2 cdn.jsdelivr.net/npm/@mdi/font@5.x/fonts/	318 KB 318 KB	21ms 7ms	Font font/woff2	151.101.65.229 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@mdi/font@5.x/fonts/materialdesignicons-webfont.woff2?v=5.9.55 Requested by Host: cdn.jsdelivr.net URL: https://cdn.jsdelivr.net/npm/@mdi/font@5.x/css/materialdesignicons.min.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.65.229 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://cdn.jsdelivr.net/npm/@mdi/font@5.x/css/materialdesignicons.min.css Origin https://retirementtaxbill.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff age 38042 x-jsd-version 5.9.55 x-cache HIT, HIT cross-origin-resource-policy cross-origin content-length 325244 etag W/"4f67c-W8lIr//mYzY5FU4CS/BHzz74EyY" x-served-by cache-fra19152-FRA, cache-hhn4046-HHN x-jsd-version-type version date Tue, 28 Sep 2021 21:10:32 GMT vary Accept-Encoding content-type font/woff2 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 accept-ranges bytes timing-allow-origin *
POST H/1.1	200 OK	get-client-branding.php Show response beta.stonewoodfinancial.com/scripts/proposals/rmd/	82 B 329 B	348ms 104ms	XHR text/html	18.224.237.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://beta.stonewoodfinancial.com/scripts/proposals/rmd/get-client-branding.php Requested by Host: retirementtaxbill.com URL: https://retirementtaxbill.com/js/chunk-vendors.a1bb949c.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.224.237.19 Columbus, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-224-237-19.us-east-2.compute.amazonaws.com Software nginx/1.10.3 (Ubuntu) / Resource Hash 9c6791ac249ec8b25e26569b096c3f8c00b10103fe05142743d6fbf4ef4461b6 Request headers Accept application/json, text/plain, */* Referer https://retirementtaxbill.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers Access-Control-Allow-Origin * Date Tue, 28 Sep 2021 21:10:32 GMT Content-Encoding gzip Server nginx/1.10.3 (Ubuntu) Connection keep-alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	1242443005-e5d1697e801f51824317e1a55a8b5959ea789988abd4781000c6862d2e416321-d.jpg i.vimeocdn.com/video/ Frame DF5E	1 KB 2 KB	61ms 7ms	Image image/jpeg	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1242443005-e5d1697e801f51824317e1a55a8b5959ea789988abd4781000c6862d2e416321-d.jpg?mw=80&q=85 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 85864cf9c88dc3d91172eac7363e79ed51f73f51ed3818332a14bdc2b251c72e Request headers Accept-Language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 21:10:32 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 374868 x-viewmaster-lossless-format false x-cache miss, HIT, HIT x-backend-server varnish content-length 1365 viewmaster-server viewmaster-us-central1-64ld x-served-by cache-dfw18656-DFW, cache-hhn4029-HHN x-timer S1632863433.614097,VS0,VE1 etag dc0a26dc775a8e43f0b04eabbce2bba0 content-type image/jpeg access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 1
GET H2	200	player.de-DE.js Show response f.vimeocdn.com/p/3.42.0/js/ Frame DF5E	660 KB 155 KB	50ms 8ms	Script application/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/3.42.0/js/player.de-DE.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash bbdefcc08f6065d13ad8102174a8bad10099e078aacfa97b68d2aa704dd68475 Request headers Accept-Language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 21:10:32 GMT via 1.1 varnish, 1.1 varnish age 100385 x-guploader-uploadid ADPycdtN6S81jbSghYV8JuQb_gS_CYFt3P3Gtebc7YiGMzynG6D3ebk86GW6ev_W1XKXi3-_AFDmy8-wOs3Wit2CdYgZo2-sSA x-cache MISS, HIT content-encoding br content-length 158447 x-served-by cache-bwi5136-BWI, cache-fra19172-FRA last-modified Mon, 27 Sep 2021 16:57:49 GMT server UploadServer x-timer S1632863433.603307,VS0,VE0 etag "5853d785710766040b119ab994b8e98c" vary Accept-Encoding,x-http-method-override content-type application/javascript cache-control max-age=1209600 accept-ranges bytes x-cache-hits 0, 22537
GET H2	200	player.css f.vimeocdn.com/p/3.42.0/css/ Frame DF5E	171 KB 18 KB	49ms 7ms	Stylesheet text/css	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/p/3.42.0/css/player.css Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software UploadServer / Resource Hash 4fa54b04817c58b52eff3fe22c8c025c28fab53cf02b37686381d49034afaee3 Request headers Accept-Language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 21:10:32 GMT via 1.1 varnish, 1.1 varnish age 100389 x-guploader-uploadid ADPycdsiR4U21deQiTg6Muh7ttGr9IXuA7kjYJIQ28HG5MfwzZYPrW5CSPtl4tX5-2ql5dGkhZU9p_Pl8nmaS_gIuwHezVyybw x-cache MISS, HIT content-encoding br content-length 18387 x-served-by cache-bwi5162-BWI, cache-fra19172-FRA last-modified Mon, 27 Sep 2021 16:57:50 GMT server UploadServer x-timer S1632863433.603204,VS0,VE0 etag "5456cef59994fd4b6109c412f94ed989" vary Accept-Encoding,x-http-method-override content-type text/css access-control-allow-origin * cache-control max-age=1209600 accept-ranges bytes x-cache-hits 0, 70909
GET H2	200	vuid.min.js Show response f.vimeocdn.com/js_opt/modules/utils/ Frame DF5E	3 KB 1 KB	61ms 19ms	Script text/javascript	151.101.14.109 FASTLY
General Check archive.org Show headers Download Go to Full URL https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software Apache / Resource Hash d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4 Request headers Accept-Language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 21:10:32 GMT content-encoding gzip age 14525120 x-cache HIT, HIT x-cache-hits 2, 834563 content-length 1238 x-served-by cache-bwi5144-BWI, cache-fra19172-FRA last-modified Tue, 13 Apr 2021 16:24:13 GMT server Apache cache-control max-age=315360000 x-timer S1632863433.603304,VS0,VE0 etag "a68-5bfdd0f8b0540" vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish, 1.1 varnish x-vimeo-dc ge accept-ranges bytes timing-allow-origin * expires Fri, 11 Apr 2031 18:25:13 GMT
POST H/1.1	204 No Content	vuid vimeo.com/ablincoln/ Frame DF5E	0 790 B	167ms 136ms	Ping text/plain	151.101.0.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://vimeo.com/ablincoln/vuid?pid=8178fd3016ac0b832467d28d4d7198848048c1721632863432 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.0.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Referer https://player.vimeo.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains; preload Via 1.1 varnish, 1.1 varnish X-Content-Type-Options nosniff Content-Security-Policy-Report-Only default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp X-Cache MISS, MISS Connection keep-alive X-XSS-Protection 1; mode=block X-Served-By cache-bwi5161-BWI, cache-hhn4025-HHN X-Vimeo-DC ge Server nginx X-Timer S1632863433.660321,VS0,VE130 X-Frame-Options sameorigin Date Tue, 28 Sep 2021 21:10:32 GMT Vary User-Agent Expires Tue, 28 Sep 2021 09:10:32 GMT Cache-Control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 X-BApp-Server pweb-v15348-p9g44 X-UA-Compatible IE=edge Accept-Ranges bytes X-Cache-Hits 0, 0
POST H2	200	player-test-impression fresnel.vimeocdn.com/add/ Frame DF5E	0 110 B	158ms 115ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-test-impression?beacon=1 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/3.42.0/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Tue, 28 Sep 2021 21:10:32 GMT via 1.1 google access-control-allow-credentials true alt-svc clear content-length 0
GET H2	200	1242443005-e5d1697e801f51824317e1a55a8b5959ea789988abd4781000c6862d2e416321-d i.vimeocdn.com/video/ Frame DF5E	11 KB 12 KB	130ms 130ms	Image image/avif	151.101.114.109 FASTLY
General Check archive.org Show headers Download Go to Show image Full URL https://i.vimeocdn.com/video/1242443005-e5d1697e801f51824317e1a55a8b5959ea789988abd4781000c6862d2e416321-d?mw=600&mh=338 Requested by Host: player.vimeo.com URL: https://player.vimeo.com/video/605875159?h=1e06f9d73c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 7f963bfacdc2ab180ef9d371719bd4a1e096be4b8e5040915f76fe01139c8903 Request headers Accept-Language de-DE,de;q=0.9 Referer https://player.vimeo.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Tue, 28 Sep 2021 21:10:32 GMT via vvarnish, 1.1 varnish, 1.1 varnish age 105098 x-viewmaster-lossless-format false x-cache miss, HIT, MISS x-backend-server varnish content-length 11733 viewmaster-server viewmaster-us-central1-33sl x-served-by cache-dfw18624-DFW, cache-hhn4029-HHN x-timer S1632863433.702302,VS0,VE124 etag 2960b05fd851c157c41d6f18b56f64a6 vary Accept content-type image/avif access-control-allow-origin * cache-control public, max-age=2592000 accept-ranges bytes x-cache-hits 1, 0
POST H2	200	player-stats fresnel.vimeocdn.com/add/ Frame DF5E	0 40 B	152ms 116ms	Ping text/plain	34.120.202.204 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=8178fd3016ac0b832467d28d4d7198848048c1721632863432 Requested by Host: f.vimeocdn.com URL: https://f.vimeocdn.com/p/3.42.0/js/player.de-DE.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 204.202.120.34.bc.googleusercontent.com Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://player.vimeo.com/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers access-control-allow-origin https://player.vimeo.com date Tue, 28 Sep 2021 21:10:32 GMT via 1.1 google access-control-allow-credentials true alt-svc clear content-length 0

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster object| webpackJsonp

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.vimeo.com/	1970-01-20 15:05:35	Name: vuid Value: pl2082059865.135996608

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

beta.stonewoodfinancial.com
cdn.jsdelivr.net
f.vimeocdn.com
fonts.googleapis.com
fonts.gstatic.com
fresnel.vimeocdn.com
i.vimeocdn.com
player.vimeo.com
retirementtaxbill.com
vimeo.com
142.250.185.170
151.101.0.217
151.101.114.109
151.101.14.109
151.101.65.229
172.217.23.99
18.119.125.24
18.224.237.19
34.120.202.204
04fb7f7a91fa7544024d0d5b4dae27be3e27f949d14433135dfc3f70f51a3a97
130e732db4342be303b045a8f292a6b809b7eea95ead3c1975a63d109f3c3e52
13be591bddc944c13a0a9b16beaa2e4f08dd2c94a2306f82ef6426329bb71cc7
4fa54b04817c58b52eff3fe22c8c025c28fab53cf02b37686381d49034afaee3
538dd4ff6e384a44155168326ac40a6c20a93cd212b1fbf88ae7b0c44f9ab0bd
58b2b9df4beaebf132e1ed0bc7b0e0d7464b576136ac0bd1a2fdd92cc78ce9a4
70488ef7f38058eb3bfcea7f96eb12183f864af75393c7d6d643a96122841832
7d75968cafc48a827aa4d6be3ec4ac62894636a0414a60b8609d0470a61d5ae9
7f963bfacdc2ab180ef9d371719bd4a1e096be4b8e5040915f76fe01139c8903
85864cf9c88dc3d91172eac7363e79ed51f73f51ed3818332a14bdc2b251c72e
8a8a0dbf91f97339d0179d30b6c1c538f6b07b7de612acea2936428d0dfaa3ba
956bf0a97b1d1e65658bf972659aaf4ae509dd784de9faffcfb20ec70def5d5f
9b9c9c2d93395ec8f6a7e8220ace8030af3cd8ce73ec9b67f57e4712b54432cb
9c6791ac249ec8b25e26569b096c3f8c00b10103fe05142743d6fbf4ef4461b6
bbdefcc08f6065d13ad8102174a8bad10099e078aacfa97b68d2aa704dd68475
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855