Submitted URL: https://trk.klclick1.com/ls/click?upn=A6elOLaRRsLgPRCa2RXC3igJAh31pXE8zZhQ6pd3ETx6oqhd95KpYt5c3gH-2FrJiGOe9H4kFYtosxI7ju9...
Effective URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3...
Submission: On October 13 via manual from US — Scanned from DE

Summary

This website contacted 21 IPs in 3 countries across 15 domains to perform 67 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is file.easytaxreturns.com.
TLS certificate: Issued by GTS CA 1P5 on September 13th 2023. Valid for: 3 months.
This is the only time file.easytaxreturns.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
26 easytaxreturns.com
file.easytaxreturns.com
2 MB
8 filelater.com
api.filelater.com
3 KB
6 klaviyo.com
static.klaviyo.com — Cisco Umbrella Rank: 3470
static-tracking.klaviyo.com — Cisco Umbrella Rank: 4310
43 KB
6 google.com
apis.google.com — Cisco Umbrella Rank: 125
accounts.google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2714
www.google.com — Cisco Umbrella Rank: 2
65 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 187
177 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com Failed
84 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 6147
562 B
2 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
2 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 901
script.hotjar.com — Cisco Umbrella Rank: 1101
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 56
175 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2992
257 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 116
185 B
1 upscope.io
code.upscope.io — Cisco Umbrella Rank: 32479
508 B
1 windows.net
itspublic.blob.core.windows.net
21 KB
1 klclick1.com
trk.klclick1.com — Cisco Umbrella Rank: 21486
489 B
67 15
Domain Requested by
26 file.easytaxreturns.com file.easytaxreturns.com
www.googletagmanager.com
8 api.filelater.com file.easytaxreturns.com
4 connect.facebook.net file.easytaxreturns.com
connect.facebook.net
4 fonts.gstatic.com file.easytaxreturns.com
3 static-tracking.klaviyo.com static.klaviyo.com
3 static.klaviyo.com file.easytaxreturns.com
static.klaviyo.com
2 www.google.de
2 accounts.google.com apis.google.com
file.easytaxreturns.com
2 www.googletagmanager.com file.easytaxreturns.com
www.googletagmanager.com
2 apis.google.com file.easytaxreturns.com
apis.google.com
1 vc.hotjar.io script.hotjar.com
1 www.facebook.com
1 script.hotjar.com static.hotjar.com
1 www.google.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 code.upscope.io file.easytaxreturns.com
1 googleads.g.doubleclick.net www.googletagmanager.com
1 static.hotjar.com www.googletagmanager.com
1 itspublic.blob.core.windows.net
1 trk.klclick1.com 1 redirects
0 www.gstatic.com Failed accounts.google.com
67 22

This site contains links to these domains. Also see Links.

Domain
policies.google.com
www.easytaxreturns.com
Subject Issuer Validity Valid
easytaxreturns.com
GTS CA 1P5
2023-09-13 -
2023-12-12
3 months crt.sh
*.apis.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
filelater.com
Cloudflare Inc ECC CA-3
2023-02-22 -
2024-02-22
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
static.klaviyo.com
R3
2023-09-15 -
2023-12-14
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-07-23 -
2023-10-21
3 months crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01
2023-09-27 -
2024-09-27
a year crt.sh
accounts.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
static-tracking.klaviyo.com
R3
2023-09-23 -
2023-12-22
3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
upscope.io
Amazon RSA 2048 M02
2022-11-22 -
2023-12-21
a year crt.sh
www.google.de
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
www.google.com
GTS CA 1C3
2023-09-18 -
2023-12-11
3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01
2023-03-09 -
2024-04-06
a year crt.sh

This page contains 2 frames:

Primary Page: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Frame ID: AD6DD0E03F7B3C2E79682CBA8376B658
Requests: 60 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 92862A8BDAA364877EC39F47E643CEEE
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Login - EasyTaxReturns.com

Page URL History Show full URLs

  1. https://trk.klclick1.com/ls/click?upn=A6elOLaRRsLgPRCa2RXC3igJAh31pXE8zZhQ6pd3ETx6oqhd95KpYt5c3gH-2Fr... HTTP 302
    https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Re... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • klaviyo\.com

Page Statistics

67
Requests

99 %
HTTPS

67 %
IPv6

15
Domains

22
Subdomains

21
IPs

3
Countries

2717 kB
Transfer

5847 kB
Size

14
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://trk.klclick1.com/ls/click?upn=A6elOLaRRsLgPRCa2RXC3igJAh31pXE8zZhQ6pd3ETx6oqhd95KpYt5c3gH-2FrJiGOe9H4kFYtosxI7ju9Y2FePZ5K9Bc0d0TXrWrRKfxFAvcYmV2QMrEtzvJn27ZQYBHDUxEw4ugJzfJSWdGBbPyifNcYQXkORNV9kcxorPkAD2SFZ3d32A0kxKG-2FtnQJQ9Cgy4IAn7greNRnZOABNgf2bzY2fQBNbKMGo4hw8zQGDURAloDrCyb4wmkxRav6bfCquPKKJk1K44zapl1cKSnpdRAsGS3FOnqB6EZCEYFeLN-2FnNmX8Eid6ebAN8CrCR9iCpRCwnhMGtZK7zv-2Bm-2Bvow7cNGV9Wq2X8R1-2BTIC0ELBSFy5ae1xGZYHpfbBBBgEUvO-2BIF3pm6aparTEL-2BSG9va8KC4GXlu8bQG0Q7K4gVg8Y-3DQ8zX_6Vdhs0HlEZrAI9eSkPtnH604-2FNsKVm9gRq4l-2FyEvd3uYP03bLJZCG-2Bp3UzU71pnnNsNvN5mtmO39fvbPgUbHE4j8w8ymBllWYFkxs8IwX8wKDT5Sss0uzLlB-2Bm1oWwUlGgBNPJeIDxu-2F2Yt5NUUkkd8-2Bbz1tObFuC5HjUEfpKNoRC4w42y69F0W3g4RblXiHheudxGldFftHiT7YBcgyCsgGc06Dzu3PWCOpGcuAQDz-2Ftz7GuvBGVJiFSEcYbRt-2BfEVBgfECy6wbFLzdGfbAsnyOIvFw9gt4nv2GDGxfDzAnyPM3JXb9xDdMTji0TrpQAtUnMwiMa4wTqAE3U-2Bxsc-2BS8aJ380BjFK0QBlYXZkVzC-2FNC76Rv1yWP1kDSHavlAavOrpMTAswKXKt-2F5prfjRoCVYgLA02i-2FNhOTbtrZ1-2FiaHc0W1x8wa7mUVYoFCJI47M7C9XKIp2-2FixiCWae9B9A-3D-3D HTTP 302
    https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

67 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
file.easytaxreturns.com/
Redirect Chain
  • https://trk.klclick1.com/ls/click?upn=A6elOLaRRsLgPRCa2RXC3igJAh31pXE8zZhQ6pd3ETx6oqhd95KpYt5c3gH-2FrJiGOe9H4kFYtosxI7ju9Y2FePZ5K9Bc0d0TXrWrRKfxFAvcYmV2QMrEtzvJn27ZQYBHDUxEw4ugJzfJSWdGBbPyifNcYQXkO...
  • https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&u...
39 KB
8 KB
Document
General
Full URL
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
97f3a389c559d12009100ed7f00617719311bb72d429f5783f0298a63933cb6c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
815a396bcca52c02-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 20:10:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LsLmldYnZD8L%2BqjXguikYGCdT81UYf650aE49SteWlmPYJje22B6HWwPOXUPhLd2NE9E1v4jQJiKyCwQyXBMtmTiXRoz2oCb3bVoe1jYhSyi%2BXTQ29hmkW%2Bj16kAI80XvrwJsUUdQGPMW0pWzOZvAcNuNfO9DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=2592000
vary
Accept-Encoding
x-powered-by
ASP.NET

Redirect headers

content-length
350
content-type
text/html; charset=utf-8
date
Fri, 13 Oct 2023 20:10:08 GMT
location
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
server
nginx
via
1.1 a7253b490fb8bb0dd0b4ed29b3f2d85a.cloudfront.net (CloudFront)
x-amz-cf-id
YPv5BXsEdA5yKCrpiMmiS28EU2cjdSBT-mh_OooOCwuTmZaeoLBAVA==
x-amz-cf-pop
CDG50-P4
x-cache
Miss from cloudfront
x-robots-tag
noindex, nofollow
site.min.css
file.easytaxreturns.com/css/
455 KB
75 KB
Stylesheet
General
Full URL
https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
01f38927ac3858c8ec40716cd723de875af4fc10169e53ea3d256adb616f91dd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:10 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 04 Sep 2023 15:05:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d9df41435d5070"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NAmQ2pqD%2BVfnhhMO4ZW8DryBErsQCEGtgf8ftgevYdyNslAXpkVqJrVy5%2BBRoSUL3fnt4xPdLbWMb30vtPi8g6Sq%2BET9b5EsBnTg4vUGN01zKLyWiccwjtOWk93KeCM9XhlevU0hygpeNQ2kUSvi6b7APpATw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
815a397019a72c02-FRA
alt-svc
h3=":443"; ma=86400
signalr.js
file.easytaxreturns.com/lib/
130 KB
23 KB
Script
General
Full URL
https://file.easytaxreturns.com/lib/signalr.js
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
40ae9aae5fdb7126ca9730110344b871ad67de5f2e080d8aa5b99a62f679e55c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:10 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd2bd39"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5d1Eu2PU8rAR9pGCvbkYaHqr%2B9pBtChkrzJDeri7uoUY9HTWvdMW1x4DfjsghoGDsFWIz9Ep7RNYN4L6wtSYelWO5XQLXwAb1WBa%2FgnpkwJuBNulo6ci07Kq%2FpSiFBEKsrPMXs3alr1JVpTKD%2FSE3rp%2BMT4WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
815a397019a92c02-FRA
alt-svc
h3=":443"; ma=86400
icon_30days.svg
file.easytaxreturns.com/css/resources/
77 KB
17 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon_30days.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
02acb3e6b19d53a4bd295eb9b47c097c4fb7d0d2b76d0f799ed2ec611aba58c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:10 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd181a0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3twVZGlsAU20law9XEX7rMYjQzma3jZjenwwnZCKVwOjq01NzT3Ig6%2FkLoIfU7AhdtCtLfW6oTFsA7oK%2B2GVTG6OeIeYzNmHtXu1SOK9SbwW%2F6cG9LfHcJx1%2BfqWsbVVLH%2BTxblpOG%2FeuZnvyx2jhLk51ixTmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a397019ac2c02-FRA
alt-svc
h3=":443"; ma=86400
logo_bbb.svg
file.easytaxreturns.com/css/resources/
101 KB
75 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/logo_bbb.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f2edbbf8a4f3ca14737843cfbe07a9431701b9b0cd50b2d762f57d34e31ba41
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:10 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd12613"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6rfP0BC1BcN7YI8cGIlBAK8TBmLxwhdC%2FhpwQ0qXfsTorNN4QOhTaPNfo6ltJ5IbwzqHif5H5INJJfRRPEYvcIRCVeOmmwYHU2iIU1kR%2BHUSZ7YuszoLkSWq1mgd4GN7nFJz4Q5C753qhutNDcKIpv5b%2B0Erw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a397019af2c02-FRA
alt-svc
h3=":443"; ma=86400
icon_247support.svg
file.easytaxreturns.com/css/resources/
49 KB
15 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon_247support.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b1b77798485b64beb38dfe6b9a5b00f13ab6149ebc8e26e1ed6cc65da08f8a14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:10 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd0708f"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TrN6CtfPIlhwW%2FB66QtasjQrOi%2FH5zyIPIRAroHDOvgAWSkGu9Cfx7W3nBxuZ5ecltzvDuYuXzOIlnyfJ%2FrLGNgEa7CLabKu73HP5LzGrjRVznbDxUDKJYAJ%2FN6R%2BzZaudWusMCCjDTTiPIfuX%2BRh1%2FL6iGvDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a39766dcf37f1-FRA
alt-svc
h3=":443"; ma=86400
logo_irs.svg
file.easytaxreturns.com/css/resources/
77 KB
58 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/logo_irs.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
01668bae8143b1ce94aad074bd743da647293677c0ae6c20e504c6c345f7b951
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:11 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd181ec"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7%2FXrjYtt6QI53xY49UIxUU2AmtCipESI3rdOcNKRRXlG%2Fx1CKVR9Xshg5tMZVFdpSi8Kzq4mUri0USCGBnsyeaKzI6BeN98YGlZwC2wdzSKpHXUdqRrLSjQhks%2FZdnOCk9EhzdAuB0sNdEfIpAJMhaodBlTpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a39778f4b37f1-FRA
alt-svc
h3=":443"; ma=86400
easytaxreturnslogo.svg
file.easytaxreturns.com/css/resources/
51 KB
38 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/easytaxreturnslogo.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a48ba8bcbb7544251f2f3002c1ed7e0ae0aced5b6b687b2419340fd2841b0e32
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:11 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd07983"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZmfcifDIo7kauAv0637yArzVQ0Q4lXP6ZLxfXm3x9%2B8Csi9tVddGYoDZn2b%2Fr7Ys5muxjkKDFa%2BvPT0AvTrW%2BF7FNH6UlZToCGEzTGUfQ10hEDpkhS2goMKZoiPzb1jfZ%2B7qltyt0JbVh97cj%2BoI47dco7Yisg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a3977ffc437f1-FRA
alt-svc
h3=":443"; ma=86400
email-decode.min.js
file.easytaxreturns.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://file.easytaxreturns.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Oct 2023 07:45:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6523afb0-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xu%2BYR8yYK2ivq9iitulUn7PaMLJsKy0FK7kLQAovw5eZAoeOYgb%2BLWpjV7vndYxfF0zcsdG%2FB3cG19gqUP2ni%2F8ZIAUCXsTILxq2YYrwlZZraHL7CoYfmgWgore05KVqTovKuSVkfrz6AxYZtP6AVzfvwWBgyA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
815a3977ffc237f1-FRA
expires
Sun, 15 Oct 2023 20:10:10 GMT
site.min.js
file.easytaxreturns.com/js/
1 MB
325 KB
Script
General
Full URL
https://file.easytaxreturns.com/js/site.min.js?v=AeDl-xV-_kuFZZ0wyWGyEFnIDfkIgRmnDwEhXNKIF-g
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
01e0e5fb157efe4b85659d30c961b21059c80df9088119a70f01215cd28817e8
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:11 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 13 Oct 2023 12:14:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d9fdcec693f3cc"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9uabpGp4WNOw3FKAxr%2BBDDxB2PSNjMwkONoQ8CBDTf6rYo29Q5tRRMKKbGRYBO3yuUQCJgeRWjvAYTFmjMBjYKGzOZOFsPgFN8yuyus6QzKGiYs0DrBlTu8Ur7xhA1mCGvIeEw21n7d2Xk5Xi%2F4OjIulECboA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
815a3977ffc337f1-FRA
alt-svc
h3=":443"; ma=86400
platform.js
apis.google.com/js/
56 KB
22 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58ce837eacdf9d9f4038f4ecdbebc41c418b346ceffd66d2faa9a97b72aac854
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 20:10:10 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21930
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"a1c88c9c2c70ab64"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:10:10 GMT
icon_30days.svg
file.easytaxreturns.com/css/resources/
77 KB
17 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon_30days.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
02acb3e6b19d53a4bd295eb9b47c097c4fb7d0d2b76d0f799ed2ec611aba58c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:11 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd181a0"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A48PyIlcN9dzdoaP4FTmVxU2SHmIlVnqgOCcVqsD%2B7VRO5vPkvVCa9xdo%2B9Jb8svLdz%2BgB08IB7622jWUlLKz%2FotiezFA7uwp9gcUFLfxNHGGwTULKbSC2Ik4%2FoVtOwkg2Wzk%2BtbgmHjJezraPO7JvymRjnKWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a3977ffc537f1-FRA
alt-svc
h3=":443"; ma=86400
logo_bbb.svg
file.easytaxreturns.com/css/resources/
101 KB
75 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/logo_bbb.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f2edbbf8a4f3ca14737843cfbe07a9431701b9b0cd50b2d762f57d34e31ba41
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:11 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd12613"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgXgMgKgsgeEGsuBTUfjiC31OaAlwH6OKfBqy9KiEXSO1e99dFKzASQtwRCS23MFnpE8d1P5vbTLOJwvrK%2BHIp8gzCzdDay5ezV%2F1FBVUam5ZRv9pbjiXrPHwhtev9f7E6u3ss65LFbvjpEdzfag9oSfBsWS3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a3977ffc737f1-FRA
alt-svc
h3=":443"; ma=86400
icon_247support.svg
file.easytaxreturns.com/css/resources/
49 KB
15 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon_247support.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b1b77798485b64beb38dfe6b9a5b00f13ab6149ebc8e26e1ed6cc65da08f8a14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:11 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd0708f"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scIkGjFkpDp38gn3mgmQmU3yN%2F7LgRl4qzSJzb4r8dyVhv09pxCp3%2BaDIC2EE%2BxfwtLl5ZBY%2BU80N%2FjwNWv5bRtV7LuovDpvwfQ9HO4nOD8YHlA8q4Sg9yoa4k8BB5e%2FtB9ZYS4phbtjbWhgFIJk4eb4fxonTg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a3977ffc937f1-FRA
alt-svc
h3=":443"; ma=86400
logo_irs.svg
file.easytaxreturns.com/css/resources/
77 KB
58 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/logo_irs.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
01668bae8143b1ce94aad074bd743da647293677c0ae6c20e504c6c345f7b951
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:11 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd181ec"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4hN8zAI%2BYau6QyaY4oJVyXJ%2FRppDEYj42vSVq0bDt2vZVEKQuC0KwYpmIpgwyMmLQZPSm3NS4t2WIv93MaCunSbBjejYkqF13taUYyIc3zIIN87S52uX2DrJyTp0MEkMcHcBoQWpwGb7e8%2Bgrxikz%2BjwBlloZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a3977ffca37f1-FRA
alt-svc
h3=":443"; ma=86400
getcurrent
api.filelater.com/api/themetype/
3 KB
2 KB
XHR
General
Full URL
https://api.filelater.com/api/themetype/getcurrent?version=&_=1697227812000
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/js/site.min.js?v=AeDl-xV-_kuFZZ0wyWGyEFnIDfkIgRmnDwEhXNKIF-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
e7b458bb6da1d06d2bd7dfa028a048c1b7856b6ea7d295011c455e0ad88296a3

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://file.easytaxreturns.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pen9GapCPQpE5XPqDYznMEKt9M9K45AZsLi7tLVGpTq9HqMQgbaRhr9sqiH0AU4zR8kr0HK6tGd6L0Rs1cCKxyE4icngJtzjlVaYfxFI40BH4OZtmuL29U52LcFqcOH49Ka%2B9TMy8bBWW56Cyju9"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.easytaxreturns.com
access-control-allow-credentials
true
cf-ray
815a39868dfb9013-FRA
getcurrent
api.filelater.com/api/themetype/ Frame
0
0
Preflight
General
Full URL
https://api.filelater.com/api/themetype/getcurrent?version=&_=1697227812000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://file.easytaxreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://file.easytaxreturns.com
cf-cache-status
DYNAMIC
cf-ray
815a398249569013-FRA
date
Fri, 13 Oct 2023 20:10:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vn4p3pvTC8jvpodHHQLkc1WDBzZ7kkLTjaQwFE2R2X%2FRvQziRqIxCExqvRKM7u6UDNUIzQ1CGqA%2FaWKEn7%2F2T1vHabIxbaGScAgMlQ2C%2F0tCzjojXP7ol4Gg0NIVWWd0cK0WIMARASSV%2FaFlTMa%2F"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
loader.gif
file.easytaxreturns.com/css/resources/
67 KB
68 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/loader.gif
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
7124568121568ee62f7e5b8b7b31e757c37b850cde32309f7d30f3fbbe288aa9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
strict-transport-security
max-age=2592000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
68943
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
server
cloudflare
etag
"1d824b1fbd1b84f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSGC3YC2V6s1UBmW7erf1D%2FqbBUxzK%2FcDQLqowxw4n%2F3%2FELfkiizjCXz6xeGXpd8KTqsKWVhLTyTvjgssE%2FtH7KPbUrFGvEQ%2FxwVZm0ONLdv1CwS0pYCFd5SQFCpqlxURweoSAx64dE37oGva9u67SM%2FfoTHaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a3985494f37f1-FRA
NGSpv5_NC0k9P_v6ZUCbLRAHxK1EiSyccg.ttf
fonts.gstatic.com/s/heebo/v21/
32 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1EiSyccg.ttf
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
30defcaf35599114261a2ae54df6c834c481e684bd3a6ac712ffc12566453e57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 10:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20997
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 10:14:50 GMT
gtm.js
www.googletagmanager.com/
248 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W3TKCP9
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ec0991e921d7ae20780984c34a873b4005bb82988368b68a04ea93b619224e81
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
87065
x-xss-protection
0
last-modified
Fri, 13 Oct 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 13 Oct 2023 20:10:13 GMT
logerror
api.filelater.com/api/error/
46 B
324 B
XHR
General
Full URL
https://api.filelater.com/api/error/logerror
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/js/site.min.js?v=AeDl-xV-_kuFZZ0wyWGyEFnIDfkIgRmnDwEhXNKIF-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
149b94b0556bff7cda0bdedc9e25acb1b426385207ad23b9746d7165a9884813

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://file.easytaxreturns.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R2ByiNk06w0v8iPsq%2FrJ4nZl8dcXaBPOQ7p8wqVUeSdHrw16w6WteAnRLI0TxEQFsKLGAoToMRQhn9uZACicAkYrdfbHq9NjM58CJZyyK41zsBNerOnXr4qEqTtIJCqBTITEncuVYlC3N1Xjjp4x"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.easytaxreturns.com
access-control-allow-credentials
true
cf-ray
815a398918b49013-FRA
content-length
46
klaviyo.js
static.klaviyo.com/onsite/js/
4 KB
2 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/js/site.min.js?v=AeDl-xV-_kuFZZ0wyWGyEFnIDfkIgRmnDwEhXNKIF-g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
602739d740bdef76346331020331bf1b09d86765fd42082043fe6c9757a59181

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4538
content-security-policy-report-only
frame-ancestors 'self' login.bigcommerce.com *.mybigcommerce.com admin.shopify.com klaviyo.file.force.com klaviyo.lightning.force.com klaviyo.my.salesforce.com; base-uri 'none'; object-src 'none'; script-src 'report-sample' 'strict-dynamic' 'unsafe-eval'; report-uri /csp/
x-cache
HIT, HIT
content-length
1123
x-served-by
cache-lga21929-LGA, cache-fra-etou8220082-FRA
server
nginx
x-timer
S1697227813.410999,VS0,VE90
etag
W/"bfe14aaa49e51f7f02d84fa43e5c295c"
allow
OPTIONS, GET
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=1, stale-while-revalidate=10800
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
x-cache-hits
15, 1
pinguser
api.filelater.com/api/realtimeuser/
46 B
327 B
XHR
General
Full URL
https://api.filelater.com/api/realtimeuser/pinguser
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/js/site.min.js?v=AeDl-xV-_kuFZZ0wyWGyEFnIDfkIgRmnDwEhXNKIF-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
149b94b0556bff7cda0bdedc9e25acb1b426385207ad23b9746d7165a9884813

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://file.easytaxreturns.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dQ5rl12WbSQ2yyQ6fF1MNhzddKMjiC9g%2F%2FLzwPrdGxKC9yNYzkeeEpvB0mCS13D9UAQv8kUjnNGPtbPnTgmvhZJ3hUwm%2Fi1FvPQcwOkFMFZfui%2FojmeTTV5LOGpzgvxZqDOkfIvFAHqBeI8LMu8b"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.easytaxreturns.com
access-control-allow-credentials
true
cf-ray
815a398c1c079013-FRA
content-length
46
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/js/site.min.js?v=AeDl-xV-_kuFZZ0wyWGyEFnIDfkIgRmnDwEhXNKIF-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cbbd38870eb0edeb3b75bc3b409f0d311cfb712a08664e9cd9816e10a4938f60
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 20:10:13 GMT
content-md5
PLUvf5g8jIBftoTA88G5AQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
imeIHzU+xUQVJ+rSYOk+A+StISH7NVxLZGkp8utYrg8sACqOWNnWj/QKu2IbCm370FOhU63sOs84o7OKrs1FqA==
x-fb-content-md5
cf6ef7e0a7148ff36318036f4091bc09
cross-origin-opener-policy
same-origin-allow-popups
etag
"82916b5e9ac1bba37e3dafe6efcc5f22"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer
0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Fri, 13 Oct 2023 20:14:16 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/
118 KB
40 KB
Script
General
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1b691042e5004430e4e2f28fa0c18c2d50ec524bfef6dd04102471effa09436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Thu, 12 Oct 2023 11:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
116206
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40609
x-xss-protection
0
last-modified
Tue, 03 Oct 2023 15:22:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 11 Oct 2024 11:53:27 GMT
getdynamiconboardpage
api.filelater.com/api/dynamiconboardpage/
1 KB
823 B
XHR
General
Full URL
https://api.filelater.com/api/dynamiconboardpage/getdynamiconboardpage?dynamicOnbboardPageId=&themeType=9&detalied=true&updateClicks=false&_=1697227812001
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/js/site.min.js?v=AeDl-xV-_kuFZZ0wyWGyEFnIDfkIgRmnDwEhXNKIF-g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
60c51db9e88c47ea411cd461c136bc57a4ae6b51d93a0739f974a354630ba3ca

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://file.easytaxreturns.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evfj0LVTfNKzy8UT9k9WcBVLx9z4ePhXtpSpKA%2FTfNOePi9NU7R4efVpy6%2F2tzJnrM8%2FlHlST25mnbQBXvzRFh2jJceKwBn%2F2ie2ik0bERYJKUNJL5ReJA2wjxCQ5eytL%2FlocE9wO5GcOzbzs1MV"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://file.easytaxreturns.com
access-control-allow-credentials
true
cf-ray
815a398c4c459013-FRA
af62f6b22048413b9571becc30a6d354.svg
itspublic.blob.core.windows.net/documentslive/Logo/
20 KB
21 KB
Image
General
Full URL
https://itspublic.blob.core.windows.net/documentslive/Logo/af62f6b22048413b9571becc30a6d354.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.239.237.100 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
a6db9dce248d580bac480150ca21451b3eb762ae199e01017afa6852dc7ab7b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Fri, 13 Oct 2023 20:10:13 GMT
Last-Modified
Thu, 22 Sep 2022 13:08:51 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
lovrKLO4UREW51ULoIF1MQ==
ETag
0x8DA9C9B97FBCD05
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
x-ms-request-id
752273b1-701e-002a-7811-fe40fd000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
20371
easytaxreturnslogo.svg
file.easytaxreturns.com/css/resources/
51 KB
38 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/easytaxreturnslogo.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
a48ba8bcbb7544251f2f3002c1ed7e0ae0aced5b6b687b2419340fd2841b0e32
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
server
cloudflare
etag
W/"1d824b1fbd07983"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLCesMsUAzqexPKxAH0PSBpHsVYfauS7bue4DFp7t2H1vTG9rMbonkIDOT%2BqSDHgXG0gGMern2nJ6isZ9of2%2FGafqiAuebJU%2FPwKXMphI5El9CaeCU7c2SV%2BGCmJCfxnzEEOk3JwE74AQzdYqvH6gU3Olx6tEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a39882d1937f1-FRA
icon-google-btn.svg
file.easytaxreturns.com/css/resources/
1 KB
1 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon-google-btn.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
c832b51faeee62056d6ace51d1e385eb4ad1222a078b3f4dd54c1acd38d0809c
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Apr 2023 08:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d96ea82ea0eb36"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BrnIhdhFkUwqTTAo3%2FThs6Xboqbt%2BST6zMjnbLmJzo1%2FFufqMqAmyMp%2FbiRl0V4X6gv6w3GLxySlqueif4LImcvsEGpsr38OmqPH3B3LPBh%2B%2FrnpD9eNG0txoXkhRmkI7J03PqPS15wqQwtOIXLSouppG5dLww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a39882d1c37f1-FRA
alt-svc
h3=":443"; ma=86400
icon-twitter-btn.svg
file.easytaxreturns.com/css/resources/
1 KB
1 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon-twitter-btn.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
51376fdc47def4542f6b054e151e39e99f5b47ed40d79b5c82834aa908b769cf
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 14 Apr 2023 08:07:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d96ea82ea0ea0c"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCHdWWKT2rRlRHD%2FPkpW5vl2XRjdhwhgs7Avv5Vt%2BZKw6TaII2Gfe8ynPXGH%2BsoOcVYXRAsiYZIv%2BTuXFEE%2B2jaPezII4zDKi%2FSH77XIk4kf7J249OPvtGuj9INMtPzQXMqxlYBF4musYeUWBDmM6MlueGZX%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a39882d2137f1-FRA
alt-svc
h3=":443"; ma=86400
bg_image_login.png
file.easytaxreturns.com/css/resources/
178 KB
178 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/bg_image_login.png
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
303cec444c151a6e593ebcdc77d46766294b6a5aa5f837fadd7ca0bfde64644b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
strict-transport-security
max-age=2592000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
181893
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
server
cloudflare
etag
"1d824b1fbd27385"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M9UAxG0jtvzqYWHibNzdIc2HZSKAFaSJg%2B9Cc33ZfIGNEkUMSdSVtLSoAhUpm9BSNA3QuChKQHgp%2FWxeIYiL%2Bki%2FlVjN8A1E4JEDUUhOOH5GfE8S0mOdv2rfsktAtlCo4BXN5n%2F4kS0K4xzYTtYfnRc%2BJs2WA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a39882d2237f1-FRA
NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSuccg.ttf
fonts.gstatic.com/s/heebo/v21/
32 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSuccg.ttf
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d81156ee0a3aa05e8addddd3707ab59c4df5f09d5bfdf738086b15d63c28b89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 06 Oct 2023 23:57:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
591138
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21382
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 05 Oct 2024 23:57:55 GMT
fa-solid-900.woff2
file.easytaxreturns.com/lib/fontawesome/webfonts/
78 KB
79 KB
Font
General
Full URL
https://file.easytaxreturns.com/lib/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
strict-transport-security
max-age=2592000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
80148
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
server
cloudflare
etag
"1d824b1fbd18c14"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0kAz3G%2FsC8OEeQLxJVCSCOHxjZHqdvkf4a5sDcgWZyY86VDDja4BfIPCDwJ2lMh4dRUEOMTPM7B8pbED%2F3kjCmkXo%2BJ9FlkdPK2fvA%2Fj4TAdEQlJycbfl%2BAiNnjhx9ccUnUMhYBohpCk1G1cajg7nGS%2BvAnhw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a39882d2437f1-FRA
logerror
api.filelater.com/api/error/ Frame
0
0
Preflight
General
Full URL
https://api.filelater.com/api/error/logerror
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://file.easytaxreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://file.easytaxreturns.com
cf-cache-status
DYNAMIC
cf-ray
815a3987df5a9013-FRA
date
Fri, 13 Oct 2023 20:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOgPBKXMe3pWbkhoDBLWD1b4y%2FupjyynWCmqvQHx5n0nGPrxC5xJrjhPHiy5V%2BPBI12EX5FpvwQazL0Civq4NyRlpQr2sF%2FcHJV57BzfU1wQjqh2FAzmI1VDVci5KVBQLEMnFIV1eN%2BLvRjeI1qR"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
pinguser
api.filelater.com/api/realtimeuser/ Frame
0
0
Preflight
General
Full URL
https://api.filelater.com/api/realtimeuser/pinguser
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://file.easytaxreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://file.easytaxreturns.com
cf-cache-status
DYNAMIC
cf-ray
815a3987df5e9013-FRA
date
Fri, 13 Oct 2023 20:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLlDGurl8SzTMZX5kDXHqVWmjrSXZVda9fcwmYu6DNeEXz1UcDe4%2BqKzXZe5h9cw%2BcsPxoH79eSbtranx%2FBXfA2Ta%2FjHEMYcClpKgA%2FKyply6yhsHoTUh5rWWdgpD1gWR4hXkKnd0rYfA9ekHMZV"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
getdynamiconboardpage
api.filelater.com/api/dynamiconboardpage/ Frame
0
0
Preflight
General
Full URL
https://api.filelater.com/api/dynamiconboardpage/getdynamiconboardpage?dynamicOnbboardPageId=&themeType=9&detalied=true&updateClicks=false&_=1697227812001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://file.easytaxreturns.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://file.easytaxreturns.com
cf-cache-status
DYNAMIC
cf-ray
815a39881f9b9013-FRA
date
Fri, 13 Oct 2023 20:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MF6BkaXlM0YEZd30U%2BlSLTzVbtKkivhgOdsKurvL%2FrQhjxljGXo7mpwTo9fyPsdkLULt%2BsY6pKQFYGThmKnoNzVIlLa5qD754H5bG3oPO0eOOO9oi%2FAxFAvcCIt9bvXmnbtQBg%2FC94%2FcPTpiihbd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
iframe
accounts.google.com/o/oauth2/ Frame 9286
287 B
1 KB
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200d -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
e24d0f7f6d1a1d78fbcec47e29ff66119b187cdff44baa43a9eb2d7d03c6986c
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-2Dihlc_JCmdtff0qEpLP_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.easytaxreturns.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-2Dihlc_JCmdtff0qEpLP_w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Fri, 13 Oct 2023 20:10:15 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/en_US/
304 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=119f21b52c0d79a6953417ce0c7e596f
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
30370a77783bf93ed1279cae54ef5d1684aa4d0fe6330c240c9750641c546899
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 20:10:13 GMT
content-md5
NUwBAZgHJvI9oOomSiNGLQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88121
x-fb-debug
GbtgqYpvkuyig+awNarCA8Elz+a+PTGu0DQDFGbeNOrMdJQH63uWS1dwSBfROFQTVv/iEbuoZcEIwZn4sgM9ug==
x-fb-content-md5
dfd31c5c370912a38f4bf4841e0958c6
cross-origin-opener-policy
same-origin-allow-popups
etag
"4dcbdb0d7edc2a41988af9b10ca4c024"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 12 Oct 2024 18:52:27 GMT
fender_analytics.02e26faaad99b84dea2e.js
static-tracking.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/
30 KB
12 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/fender_analytics.02e26faaad99b84dea2e.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
93f0d546537bcf1e1ebe8f4ba443bcac98b22392bd9bae5d0db666337c58dd9f

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
s6PRsyiHbvTbV_8WPoKvhrrGYe8iSzIq
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 13 Oct 2023 20:10:13 GMT
x-amz-request-id
78N1KEHZAFWMQNJ5
age
47
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset-build-preview
content-length
11622
x-amz-id-2
DsKJWMgDiAnw+ymqyesnRJadaAZ7jV3T1W5RB+RyJVvs8YUxIL3mEOFrbbUDtNTVzHx9fiAShYQ=
x-served-by
cache-lga21961-LGA, cache-fra-eddf8230058-FRA
last-modified
Wed, 11 Oct 2023 15:26:24 GMT
server
AmazonS3
etag
"1c75897ca441f742ca6e7759a8e48969"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
794ad7f18d8e61e0a25ae3483f6461c51de66915
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
19, 39
static.094d93e3bce6bc538156.js
static-tracking.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/
2 KB
2 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/static.094d93e3bce6bc538156.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9ac76703fca894ec4e2f5b14034a6089bf643d613e30242d10614b83d20c1a1

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
scSqI_zKZTRuu9JvwbUFqEyfFfrkoJOd
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 13 Oct 2023 20:10:13 GMT
x-amz-request-id
78N5EC09387Y0SG6
age
47
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset-build-preview
content-length
981
x-amz-id-2
iT0pYTedP23+Mif9IWkzzBRY/j00SvfesPMAXHkt2SD330ooujRw3kgCTx6wljNX/kLP0RqCqnJH4uQVrV+6YQ==
x-served-by
cache-lga21965-LGA, cache-fra-eddf8230058-FRA
last-modified
Wed, 11 Oct 2023 15:26:24 GMT
server
AmazonS3
etag
"8c77403047f3eb44a85f28a9d7e04eae"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
794ad7f18d8e61e0a25ae3483f6461c51de66915
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
12, 40
runtime.cf5aac8e0222e1510de7.js
static.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/
19 KB
8 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/runtime.cf5aac8e0222e1510de7.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37d1b8afa5abca1a72fa203e98ee87fe26bae85bd6513dc06c1eafc564b0f978

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
frN9sMYO1UV2B5pWPBxNRVHGb_A79zrb
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 13 Oct 2023 20:10:13 GMT
x-amz-request-id
K9YP8ZSX9WC3Z4YF
age
47
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset-build-preview
content-length
8060
x-amz-id-2
cAGxa3PwihK7QLYJWKB8bmZr0/Vs+pgfCMxqpE28xseFs8SslSHBtBRB9Cg30HrFqUIBXg1794Q=
x-served-by
cache-lga21948-LGA, cache-fra-etou8220023-FRA
last-modified
Thu, 12 Oct 2023 07:40:50 GMT
server
AmazonS3
etag
"f4d1dfd748ddefa0328831233521e657"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
630c4b2916b272f1336fa542733510052a4686dd
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
11, 26
sharedUtils.1b8e7017644b0bd50d44.js
static.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/
42 KB
17 KB
Script
General
Full URL
https://static.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/sharedUtils.1b8e7017644b0bd50d44.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3d847148d2bcffbf89700ba13f4f32c50dba58a5f11ab0b682d63ff4928bb90

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
awl4iH9JzJ1kRUapceweEHB5kb0h54aj
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 13 Oct 2023 20:10:13 GMT
x-amz-request-id
78N8AWCTPTP5TDMQ
age
47
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset-build-preview
content-length
16540
x-amz-id-2
aONA+x3ld00Hg4CsA7LB7kfiXyiRTAFVOGFE7zBW0fhth7n40bM9RcGtGZ3xzU5yf+z83jbgIzM=
x-served-by
cache-lga21932-LGA, cache-fra-etou8220023-FRA
last-modified
Wed, 11 Oct 2023 15:26:24 GMT
server
AmazonS3
etag
"92927d8cfdb7bdc24c7f45f5d93f9b96"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
794ad7f18d8e61e0a25ae3483f6461c51de66915
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
24, 30
post_identification_sync.3b75b4338bbc39c9c20a.js
static-tracking.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/
6 KB
3 KB
Script
General
Full URL
https://static-tracking.klaviyo.com/onsite/js/build-preview/commit-2cbeb33f411f3b3681c5200db4bdb9ebd92cecee/post_identification_sync.3b75b4338bbc39c9c20a.js?cb=1
Requested by
Host: static.klaviyo.com
URL: https://static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5ebe8de83d36f8ab629abe2e3b57304d6a375a9e11616c8ac561f9e35754a435

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

x-amz-version-id
FGevsVKkBgHCMoR_KpnVTejgI_2vViz3
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Fri, 13 Oct 2023 20:10:13 GMT
x-amz-request-id
G6MANP0ZBF7B4XA0
age
48
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-meta-surrogate-control
max-age=31536000
x-amz-meta-surrogate-key
fender-asset-build-preview
content-length
2812
x-amz-id-2
e4GoRU98T45GfnWhCIh7QqAiR39E8f0ON9+215uI9/fgZHSROhyeShqt6ybmy3v6dICFqbJMicw=
x-served-by
cache-lga21957-LGA, cache-fra-eddf8230058-FRA
last-modified
Wed, 11 Oct 2023 15:26:24 GMT
server
AmazonS3
etag
"bfd900e2bb07a66e8e827b3546f533ad"
vary
Accept-Encoding
x-amz-meta-entrypoints-hash
794ad7f18d8e61e0a25ae3483f6461c51de66915
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=2592000,stale-while-revalidate=10800
accept-ranges
bytes
x-cache-hits
3, 2
hotjar-2342289.js
static.hotjar.com/c/
10 KB
4 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-2342289.js?sv=7
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3TKCP9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.245.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-245-61.lhr62.r.cloudfront.net
Software
/
Resource Hash
9841c2710c734dc94a3468bd712590d92e49bc63c8e08ab0fc3af2281e4e8396
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Fri, 13 Oct 2023 20:10:13 GMT
via
1.1 67ef3abac0a476e3c8690ff0f09febb8.cloudfront.net (CloudFront)
x-amz-cf-pop
LHR62-C3
etag
W/dfdfd624ad4e84c3939c06c7864a8e29
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
cross-origin-resource-policy
cross-origin
x-amz-cf-id
DXDoI64KjGGMOYISXVQ97hEdftMS99gcBiNWDQPBKpviySBwvVnNIw==
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/308357411/
3 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/308357411/?random=1697227813559&cv=11&fst=1697227813559&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffile.easytaxreturns.com%2F%3Futm_campaign%3D2023%2520%257C%25204868%2520%257C%2520Dual%2520%257C%2520Deadline%25203%2520%257C%2520Registered%2520%252801HCK3S3T0MWTBNGWHPB8GHSB3%2529%26amp%253Bmedium%3Demail%26amp%253Butm_source%3Dklaviyo%26utm_source%3Dklaviyo%26utm_medium%3Demail%26_kx%3D_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ&hn=www.googleadservices.com&frm=0&tiba=Login%20-%20EasyTaxReturns.com&auid=422220069.1697227814&uamb=0&uaw=0&data=_tag_mode%3DMANUAL&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3TKCP9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3c38dfc3490f00c83399859568c1110a78d9f2bf2f61c63a39b2976f52b99e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1513
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/
198 KB
53 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 20:10:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53498
x-xss-protection
0
pragma
public
x-fb-debug
SOSvuuwFMa/E2kf8/YSKJsn3ASYptn7pH3J8CKdpd4RJthH3vvCLUjcQZunsxVyHpgg4+DeZh+cltQ5tzYQ3zg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
PpPiyWfUjfTB3NrHjE9joUcz.js
code.upscope.io/
217 B
508 B
Script
General
Full URL
https://code.upscope.io/PpPiyWfUjfTB3NrHjE9joUcz.js
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-83.fra56.r.cloudfront.net
Software
/
Resource Hash
821c089654c9a9279bb523e1b0de9a7d56b33b8f2d95f50dd849ec542106579b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
via
1.1 47a7b8b932d91b0edbfc42f1ba94ebc0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
x-cache
Miss from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60,public
content-length
217
x-amz-cf-id
S5sG2EnFb14x6wKTR5AEWMyOjLklvslM2z3rqbIrWaEIzUujYmkivw==
klaviyo.js
file.easytaxreturns.com/%E2%80%9D//static.klaviyo.com/onsite/js/
0
0
Script
General
Full URL
https://file.easytaxreturns.com/%E2%80%9D//static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM%E2%80%9D
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3TKCP9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:14 GMT
strict-transport-security
max-age=2592000
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y5uhwo0g1sE2LlOlufw9%2F87KRXMiH2SbiqYB4p3S6XaIncqAXqStGWbqH6LgOA7CVJW%2F6xl8cikITQc4%2FmlqeQQZq4xEjE%2BnYVVwD1ryuW77Fp%2BepkGeorDCmlVaxRJySkoK9yG1NJBfP%2F%2Fx2EjtJrX%2FDXNXfg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
815a398ae8f737f1-FRA
alt-svc
h3=":443"; ma=86400
js
www.googletagmanager.com/gtag/
274 KB
89 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YZ0K5YSXPK&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3TKCP9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8bd1037506f925312ec81986ac07771f9da4dbc6bb12cbd449ba263ae937aa3f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:13 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91522
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 13 Oct 2023 20:10:13 GMT
collect
region1.analytics.google.com/g/
0
259 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YZ0K5YSXPK&gtm=45je3ab0&_p=1152645662&_gaz=1&cid=1306139716.1697227814&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1697227813&sct=1&seg=0&dl=https%3A%2F%2Ffile.easytaxreturns.com%2F%3Futm_campaign%3D2023%2520%257C%25204868%2520%257C%2520Dual%2520%257C%2520Deadline%25203%2520%257C%2520Registered%2520%252801HCK3S3T0MWTBNGWHPB8GHSB3%2529%26amp%253Bmedium%3Demail%26amp%253Butm_source%3Dklaviyo%26utm_source%3Dklaviyo%26utm_medium%3Demail%26_kx%3D_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ&dt=Login%20-%20EasyTaxReturns.com&en=page_view&_fv=1&_nsi=1&_ss=1&ep.gclid=utm_campaign%3D2023%2520%257C%25204868%2520%257C%2520Dual%2520%257C%2520Deadline%25203%2520%257C%2520Registered%2520%252801HCK3S3T0MWTBNGWHPB8GHSB3%2529%26amp%253Bmedium%3Demail%26amp%253Butm_source%3Dklaviyo%26utm_source%3Dklaviyo%26utm_medium%3Demail%26_kx%3D_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YZ0K5YSXPK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:10:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://file.easytaxreturns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
259 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YZ0K5YSXPK&cid=1306139716.1697227814&gtm=45je3ab0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YZ0K5YSXPK&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:10:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://file.easytaxreturns.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YZ0K5YSXPK&cid=1306139716.1697227814&gtm=45je3ab0&aip=1&z=1945338357
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:10:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
497568864685417
connect.facebook.net/signals/config/
138 KB
36 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/497568864685417?v=2.9.134&r=stable&domain=file.easytaxreturns.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8320990896eb9034bedf6b5160b851fbf3f35736365307c06d32608138c18627
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 13 Oct 2023 20:10:13 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
P5XWi8q6Wvo/019BCZHQZkPphVCQd/T5zpLLI3GkZrwiPrkiaXrSxpJUpI3GGUV80aYz3rPNzCKaA44vOxPpBg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/308357411/
42 B
455 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/308357411/?random=1697227813559&cv=11&fst=1697227200000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffile.easytaxreturns.com%2F%3Futm_campaign%3D2023%2520%257C%25204868%2520%257C%2520Dual%2520%257C%2520Deadline%25203%2520%257C%2520Registered%2520%252801HCK3S3T0MWTBNGWHPB8GHSB3%2529%26amp%253Bmedium%3Demail%26amp%253Butm_source%3Dklaviyo%26utm_source%3Dklaviyo%26utm_medium%3Demail%26_kx%3D_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ&frm=0&tiba=Login%20-%20EasyTaxReturns.com&data=_tag_mode%3DMANUAL&fmt=3&is_vtc=1&random=3599568815&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:10:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/308357411/
42 B
455 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/308357411/?random=1697227813559&cv=11&fst=1697227200000&bg=ffffff&guid=ON&async=1&gtm=45He3ab0&u_w=1600&u_h=1200&url=https%3A%2F%2Ffile.easytaxreturns.com%2F%3Futm_campaign%3D2023%2520%257C%25204868%2520%257C%2520Dual%2520%257C%2520Deadline%25203%2520%257C%2520Registered%2520%252801HCK3S3T0MWTBNGWHPB8GHSB3%2529%26amp%253Bmedium%3Demail%26amp%253Butm_source%3Dklaviyo%26utm_source%3Dklaviyo%26utm_medium%3Demail%26_kx%3D_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ&frm=0&tiba=Login%20-%20EasyTaxReturns.com&data=_tag_mode%3DMANUAL&fmt=3&is_vtc=1&random=3599568815&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:10:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.ee587d1590c42117acc4.js
script.hotjar.com/
226 KB
56 KB
Script
General
Full URL
https://script.hotjar.com/modules.ee587d1590c42117acc4.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2342289.js?sv=7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.111.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-111-36.mrs52.r.cloudfront.net
Software
/
Resource Hash
4f6bfb27f8eac39b667b0d59452cabccfbf85c5cfbaaa342bc8e9356d009d230
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 08:00:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 876d78271929a83070970f4d8906b684.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P2
age
43806
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
56258
last-modified
Fri, 13 Oct 2023 07:59:54 GMT
etag
"1d66ff222232fb73b66d2babe3451f66"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
pJVy7m18aRvU1y55UyiYFnJvzOAKtQG_3gFhegSp4y4_-rezC7utyw==
/
www.facebook.com/tr/
0
185 B
Image
General
Full URL
https://www.facebook.com/tr/?id=497568864685417&ev=PageView&dl=https%3A%2F%2Ffile.easytaxreturns.com%2F%3Futm_campaign%3D2023%2520%257C%25204868%2520%257C%2520Dual%2520%257C%2520Deadline%25203%2520%257C%2520Registered%2520%252801HCK3S3T0MWTBNGWHPB8GHSB3%2529%26amp%253Bmedium%3Demail%26amp%253Butm_source%3Dklaviyo%26utm_source%3Dklaviyo%26utm_medium%3Demail%26_kx%3D_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ&rl=&if=false&ts=1697227813934&sw=1600&sh=1200&v=2.9.134&r=stable&ec=0&o=30&fbp=fb.1.1697227813931.1770086339&cs_est=true&ler=empty&it=1697227813713&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 13 Oct 2023 20:10:14 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
2342289
vc.hotjar.io/sessions/
0
257 B
XHR
General
Full URL
https://vc.hotjar.io/sessions/2342289?s=0.25&r=0.059740496306263324
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.ee587d1590c42117acc4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.15 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-15.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:14 GMT
via
1.1 3517ce13630d84c5b14e88de469985cc.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
YbrGAshEciT9evdWSI9SptimF5-E22FFwyuFX2q4jpe2VT5045Xltw==
marketing-photo-etr.jpg
file.easytaxreturns.com/css/resources/
812 KB
813 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/marketing-photo-etr.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
cf57606136ad1ad197925c985f1346493a4ba890ab3f1ccdc61c3e262780c123
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:14 GMT
strict-transport-security
max-age=2592000
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
content-length
831418
last-modified
Tue, 12 Apr 2022 13:21:52 GMT
server
cloudflare
etag
"1d84e7045bd37ba"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQdIa6UmEUgH5xyWSLWzRQOUsmqxYoy92iFRO4X3pHWDC8tnnUVSvwT6KRHC0LpnhB%2FwDRWUuWB8JoKvmbKgMMJEsS95HLAcPa%2B4fW2iUV4OEEQwZb8Le5gv0SzkYijv1UbG5%2FsTYuYGpZXp%2BZX3Vt9X4jUP%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
815a398dcccf37f1-FRA
icon_30days.svg
file.easytaxreturns.com/css/resources/
77 KB
17 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon_30days.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
02acb3e6b19d53a4bd295eb9b47c097c4fb7d0d2b76d0f799ed2ec611aba58c5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:14 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
server
cloudflare
etag
W/"1d824b1fbd181a0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l8CtvW%2FxHJg1ojo2KJrI8RkoTbcWzb71NJDeJzUQbbrrbQPCzq9gZjJexh0T9eKqitFlT9IBhERJsqvWsjUJdjma0y2hPBwXA9sFJ3jZk8uh9QybqgkuZEEea26AAq51BHwN5%2FNmEoq0qCaLrN47DPPCIHTJwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a398dccd537f1-FRA
logo_bbb.svg
file.easytaxreturns.com/css/resources/
101 KB
75 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/logo_bbb.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
3f2edbbf8a4f3ca14737843cfbe07a9431701b9b0cd50b2d762f57d34e31ba41
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:14 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
server
cloudflare
etag
W/"1d824b1fbd12613"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NgYDP1prKyHAjth4285t9eOxfRVTD%2BgziFfKmrwii2f2b98Bxfr7v0H0DgRMp95dnty79M7h%2FAAVPNb37GdmxNOoQWxjD%2F0dMvbov7pYqn2h%2BFyoGfjdDmFQBgH529FARGSo5nVFhIwAl5lxBjHy%2FVQ9bYH3TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a398dccd737f1-FRA
icon_247support.svg
file.easytaxreturns.com/css/resources/
49 KB
15 KB
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon_247support.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
b1b77798485b64beb38dfe6b9a5b00f13ab6149ebc8e26e1ed6cc65da08f8a14
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:14 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3
x-powered-by
ASP.NET
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
server
cloudflare
etag
W/"1d824b1fbd0708f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NzGMm81%2BcH0GyvrLxZBFV16bXahzpo0W6Tv1QagKbVtG1bJxbPaCi2jom%2BiYafbvnLeVvO43YmhiTt6dwxMpncOAnILjboSoS13lVpG86e8rVSts1RMQkdX8KqioaKG%2FSt%2FeZy%2FEkrcDngT2Dja88ES52CoQAA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a398dccd937f1-FRA
icon_checked_blue.svg
file.easytaxreturns.com/css/resources/
663 B
896 B
Image
General
Full URL
https://file.easytaxreturns.com/css/resources/icon_checked_blue.svg
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / ASP.NET
Resource Hash
52e885a3771afccbaaa30d25df2e7a99077632e78567c8f927127f8bb0b90b8a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 20:10:14 GMT
strict-transport-security
max-age=2592000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Fri, 18 Feb 2022 10:26:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1d824b1fbd0b797"
x-powered-by
ASP.NET
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BEteN6I5xi7rb%2B%2Bz54fl6TKkWVnSCJAubsGu%2BOpKPfB%2F8A%2BCNHteh7DcugaXIvgsPZvwehJ1UP9tflUXpyEK%2Bu8yaMx661aH0t%2BrRp%2BNA7DFKeSsylH5%2B7i6%2Bcg0Bjwhh1OfmCzK56YoFZU0zhAnwe9oB9PIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
815a398dccdb37f1-FRA
alt-svc
h3=":443"; ma=86400
NGSpv5_NC0k9P_v6ZUCbLRAHxK1Euyyccg.ttf
fonts.gstatic.com/s/heebo/v21/
32 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1Euyyccg.ttf
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa43de30a0a0fdbc374697aaf45a6ea09067a72ecf5acf2802441d0bc111401a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Sun, 08 Oct 2023 07:17:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
478372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21340
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 07 Oct 2024 07:17:22 GMT
NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSyccg.ttf
fonts.gstatic.com/s/heebo/v21/
32 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/heebo/v21/NGSpv5_NC0k9P_v6ZUCbLRAHxK1ECSyccg.ttf
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/css/site.min.css?v=AfOJJ6w4WMjsQHFs1yPeh1r0_BAWnlPqPSVq22Fvkd0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
586525e884d446df8451815b453123ccf5bc42a6ec27e133da576b358284e110
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://file.easytaxreturns.com/
Origin
https://file.easytaxreturns.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 15:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21122
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:35:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 12 Oct 2024 15:06:56 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.oJVVZcul6Vg.es5.O/am=ggE/d=1/rs=AOaEmlHh7UJU0b1Wy7ov9ig2kuDzwGOFYQ/ Frame 9286
0
0

cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 9286
2 KB
915 B
Other
General
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: file.easytaxreturns.com
URL: https://file.easytaxreturns.com/?utm_campaign=2023%20%7C%204868%20%7C%20Dual%20%7C%20Deadline%203%20%7C%20Registered%20%2801HCK3S3T0MWTBNGWHPB8GHSB3%29&amp%3Bmedium=email&amp%3Butm_source=klaviyo&utm_source=klaviyo&utm_medium=email&_kx=_mHuLIAqF8plVN3aX2DEFulUmmw6Amq3q1DRRax142ghiK0jPwJuiDnL5z-9ntu-.Tk2fRQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200d -, , ASN (),
Reverse DNS
Software
GSE /
Resource Hash
322b0eacfa010b00d14a2865ad20003574622a770f2d0c2ce4fa3e7c6a53c946
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.70 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 13 Oct 2023 20:10:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.gstatic.com
URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.de.oJVVZcul6Vg.es5.O/am=ggE/d=1/rs=AOaEmlHh7UJU0b1Wy7ov9ig2kuDzwGOFYQ/m=base

Verdicts & Comments Add Verdict or Comment

221 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| signalR function| generator function| checkIfIsIframe function| genPassword function| cookie function| uiHelper function| helper function| notification function| confirmJs function| closeBrowser function| addClassNameListener function| googleAddressAutocomplete function| formatCurrency function| formatCurrencyHtml function| formatNumber function| helperCalcXml function| klaviyoUtil function| taxReturnHelper function| loginModel function| resetPasswordModel function| dataService function| authenticateService function| authenticateProfile function| setupService function| clientService function| zendDeskService function| freshDeskService function| extensionService function| personalExtensionService function| businessExtensionService function| statePersonalExtensionService function| stateBusinessExtensionService function| filingService function| dynamicOnboadPageService function| errorService function| realTimeUserService function| feedbackService function| cpaService function| ssoService function| taxFyleService function| columnTaxService function| dashboardService function| ateService function| productService function| checkoutService function| orderService function| loginPartial function| initMainApp function| initApp function| preInitApp object| geoip2 object| $jscomp undefined| _supportArticlesScroll undefined| _supportFullArticleScroll undefined| _stripe undefined| _elements undefined| _stripeExistsInterval undefined| _hostedFieldsInstance undefined| _deviceData string| thankYouRedirect string| _apiUrl string| _signalrHubUrl string| _deviceId string| _firebaseToken string| _deviceOs string| _currentEmail number| _userActivityTimeout number| _INACTIVE_USER_TIME_THRESHOLD object| _publicUrls object| _publicWithoutSupportUrls boolean| _isPublicUrl boolean| _isPublicWithoutSupportUrls number| _loaderTimeout number| _loaderMessage string| _facebookAppId string| _googleClientId boolean| _socialLoginLoaded boolean| _twitterLoginLoaded object| vmMainApp object| _learnq boolean| _isOffline string| _accessCod number| _currentTaxYear string| _columnTaxUrl string| uts_eventid string| uts_orderid string| uts_saleamount string| uts_coupon string| uts_discount string| uts_currency string| uts_cgid string| linkeding_partner_id function| $ function| jQuery object| Popper object| bootstrap function| _ object| accounting function| Vue function| VeeValidate object| Maska object| VueNumeric object| alertify function| jconfirm function| Jconfirm function| moment function| numeral function| flatpickr object| gapi object| ___jsl function| focusError function| registerVeeValidators function| fillErrors function| addValidationError function| responseStatus function| toggleLoader function| showLoader function| hideLoader function| currentUrl function| updateCurrentUrl function| queryString function| showInstantLoader function| updateLoaderMessage function| currentDate function| formatPricePackage function| changeHistoryUrl function| cleanPhoneNumber function| toDataURL function| bytesToSize function| getCurrentThemeType function| setThemeTypeLocally function| getThemeTypeLocally function| generateDeviceId function| getClientEmailByOce function| call function| callFormData function| apiCallDefferer function| apiCallDeffererWithAuth function| apiCallDeffererFormData function| apiCallDeffererFormDataWithAuth function| IDgenerator function| addJsScript function| initInterface function| initUrlAuthorization function| activateActivityTracker function| resetUserActivityTimeout function| inactiveUserAction function| setDisclaimerCookie function| checkDisclaimerCookie function| dynamicOnBoardPageId function| oceCampaignId function| oceReferenceId function| addFavIcon function| showModalTimeout function| hideModalTimeout function| addGoogleRecaptchaScript function| addKlavyioScript function| initSocialLogin function| moveToNextTab function| moveToTab function| initPrivateHeader function| openSupportChat function| openOnlySupportChat function| initCustomRadioButton function| addUnsavedChangeAlert function| setCookie function| setCookieDays function| setCookieExactDay function| getCookie function| deleteCookie object| dataLayer function| setToken function| setFirebase function| getLoggedUser function| setLoggedUser function| setAccessToken function| setRefreshToken function| getAccessToken function| getRefreshToken function| getFirebase function| logout function| logoutClick function| logoutWithoutRedirect function| setEmailAddress function| getEmailAddress function| setEmailAddressMasked function| getEmailAddressMasked function| setPhoneMasked function| getPhoneMasked function| removeLoginCodeData function| logError function| initFreshChat function| initialize function| initiateCall function| pingUser function| fbAsyncInit function| getDynamicOnboardPage object| osapi object| FB string| __klKey object| google_tag_manager object| google_tag_data function| hj object| _hjSettings object| GooglebQhCsO function| fbq function| _fbq function| Upscope object| __buffer object| webpackChunk_klaviyo_onsite_modules function| onYouTubeIframeAPIReady object| gaGlobal object| _klOnsite object| klaviyo object| core object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules

14 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 511=nbBl-PKr5F9lo5ofxxSmPgiiWbR5ItqRUqHeAAkC7wLKA0Bcokds3jN3f_whUrDO8VRfsCtw347H-eP55uU8tLYg8ezQiJYLim68w2XCLVns77L5c-s7NBwznvV_f7NJci8mJTNAi5GGLcZuw7NrCwDaOZ5UIhxG1RejktfCh7c
file.easytaxreturns.com/ Name: oceRef
Value: null
.file.easytaxreturns.com/ Name: G_ENABLED_IDPS
Value: google
.easytaxreturns.com/ Name: _gcl_au
Value: 1.1.422220069.1697227814
.easytaxreturns.com/ Name: _ga
Value: GA1.1.1306139716.1697227814
.easytaxreturns.com/ Name: _ga_YZ0K5YSXPK
Value: GS1.1.1697227813.1.0.1697227813.60.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
file.easytaxreturns.com/ Name: __kla_id
Value: eyJjaWQiOiJNamt3WlRnMlptVXRaRGt5TnkwMFpUSTNMV0kwWVRJdE1HVmtOVFl5TnpsbE16RXciLCIkcmVmZXJyZXIiOnsidHMiOjE2OTcyMjc4MTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vZmlsZS5lYXN5dGF4cmV0dXJucy5jb20vP3V0bV9jYW1wYWlnbj0yMDIzJTIwJTdDJTIwNDg2OCUyMCU3QyUyMER1YWwlMjAlN0MlMjBEZWFkbGluZSUyMDMlMjAlN0MlMjBSZWdpc3RlcmVkJTIwJTI4MDFIQ0szUzNUME1XVEJOR1dIUEI4R0hTQjMlMjkmYW1wJTNCbWVkaXVtPWVtYWlsJmFtcCUzQnV0bV9zb3VyY2U9a2xhdml5byZ1dG1fc291cmNlPWtsYXZpeW8mdXRtX21lZGl1bT1lbWFpbCZfa3g9X21IdUxJQXFGOHBsVk4zYVgyREVGdWxVbW13NkFtcTNxMURSUmF4MTQyZ2hpSzBqUHdKdWlEbkw1ei05bnR1LS5UazJmUlEifSwiJGxhc3RfcmVmZXJyZXIiOnsidHMiOjE2OTcyMjc4MTQsInZhbHVlIjoiIiwiZmlyc3RfcGFnZSI6Imh0dHBzOi8vZmlsZS5lYXN5dGF4cmV0dXJucy5jb20vP3V0bV9jYW1wYWlnbj0yMDIzJTIwJTdDJTIwNDg2OCUyMCU3QyUyMER1YWwlMjAlN0MlMjBEZWFkbGluZSUyMDMlMjAlN0MlMjBSZWdpc3RlcmVkJTIwJTI4MDFIQ0szUzNUME1XVEJOR1dIUEI4R0hTQjMlMjkmYW1wJTNCbWVkaXVtPWVtYWlsJmFtcCUzQnV0bV9zb3VyY2U9a2xhdml5byZ1dG1fc291cmNlPWtsYXZpeW8mdXRtX21lZGl1bT1lbWFpbCZfa3g9X21IdUxJQXFGOHBsVk4zYVgyREVGdWxVbW13NkFtcTNxMURSUmF4MTQyZ2hpSzBqUHdKdWlEbkw1ei05bnR1LS5UazJmUlEifX0=
.easytaxreturns.com/ Name: _fbp
Value: fb.1.1697227813931.1770086339
.easytaxreturns.com/ Name: _hjSessionUser_2342289
Value: eyJpZCI6ImZjM2M0ODA1LTZjZTctNThjMi1hZWJhLTU5N2NmNTliYTM0MyIsImNyZWF0ZWQiOjE2OTcyMjc4MTQwMTAsImV4aXN0aW5nIjpmYWxzZX0=
.easytaxreturns.com/ Name: _hjFirstSeen
Value: 1
.easytaxreturns.com/ Name: _hjIncludedInSessionSample_2342289
Value: 0
.easytaxreturns.com/ Name: _hjSession_2342289
Value: eyJpZCI6ImFlYjE3ZDcxLWZlZjctNDY5MS1iZTQ3LWQ2YjYxN2ZhZTUwZSIsImNyZWF0ZWQiOjE2OTcyMjc4MTQwMTEsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6ZmFsc2V9
.easytaxreturns.com/ Name: _hjAbsoluteSessionInProgress
Value: 1

4 Console Messages

Source Level URL
Text
security warning URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.Wg4ryxGk1iM.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rhrOAI6GnIAmuILPEtRh-pVetAQ/cb=gapi.loaded_0?le=scs(Line 184)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://file.easytaxreturns.com/%E2%80%9D//static.klaviyo.com/onsite/js/klaviyo.js?company_id=YqaeyM%E2%80%9D
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
api.filelater.com
apis.google.com
code.upscope.io
connect.facebook.net
file.easytaxreturns.com
fonts.gstatic.com
googleads.g.doubleclick.net
itspublic.blob.core.windows.net
region1.analytics.google.com
script.hotjar.com
static-tracking.klaviyo.com
static.hotjar.com
static.klaviyo.com
stats.g.doubleclick.net
trk.klclick1.com
vc.hotjar.io
www.facebook.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.gstatic.com
13.224.245.61
151.101.194.133
151.101.2.133
18.66.112.15
2001:4860:4802:32::36
2600:9000:2450:800:18:359:ab80:93a1
2606:4700:20::ac43:4af4
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:812::2008
2a00:1450:4001:81c::200d
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::200e
2a00:1450:400c:c09::9c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
52.239.237.100
54.192.111.36
65.9.66.83
01668bae8143b1ce94aad074bd743da647293677c0ae6c20e504c6c345f7b951
01e0e5fb157efe4b85659d30c961b21059c80df9088119a70f01215cd28817e8
01f38927ac3858c8ec40716cd723de875af4fc10169e53ea3d256adb616f91dd
02acb3e6b19d53a4bd295eb9b47c097c4fb7d0d2b76d0f799ed2ec611aba58c5
149b94b0556bff7cda0bdedc9e25acb1b426385207ad23b9746d7165a9884813
1d81156ee0a3aa05e8addddd3707ab59c4df5f09d5bfdf738086b15d63c28b89
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
30370a77783bf93ed1279cae54ef5d1684aa4d0fe6330c240c9750641c546899
303cec444c151a6e593ebcdc77d46766294b6a5aa5f837fadd7ca0bfde64644b
30defcaf35599114261a2ae54df6c834c481e684bd3a6ac712ffc12566453e57
322b0eacfa010b00d14a2865ad20003574622a770f2d0c2ce4fa3e7c6a53c946
37d1b8afa5abca1a72fa203e98ee87fe26bae85bd6513dc06c1eafc564b0f978
3f2edbbf8a4f3ca14737843cfbe07a9431701b9b0cd50b2d762f57d34e31ba41
40ae9aae5fdb7126ca9730110344b871ad67de5f2e080d8aa5b99a62f679e55c
4f6bfb27f8eac39b667b0d59452cabccfbf85c5cfbaaa342bc8e9356d009d230
51376fdc47def4542f6b054e151e39e99f5b47ed40d79b5c82834aa908b769cf
52e885a3771afccbaaa30d25df2e7a99077632e78567c8f927127f8bb0b90b8a
564a53ce84ae022b30816d44aa48589ebfe170c226b098d0245c47fe13341c67
586525e884d446df8451815b453123ccf5bc42a6ec27e133da576b358284e110
58ce837eacdf9d9f4038f4ecdbebc41c418b346ceffd66d2faa9a97b72aac854
5ebe8de83d36f8ab629abe2e3b57304d6a375a9e11616c8ac561f9e35754a435
602739d740bdef76346331020331bf1b09d86765fd42082043fe6c9757a59181
60c51db9e88c47ea411cd461c136bc57a4ae6b51d93a0739f974a354630ba3ca
7124568121568ee62f7e5b8b7b31e757c37b850cde32309f7d30f3fbbe288aa9
821c089654c9a9279bb523e1b0de9a7d56b33b8f2d95f50dd849ec542106579b
8320990896eb9034bedf6b5160b851fbf3f35736365307c06d32608138c18627
8bd1037506f925312ec81986ac07771f9da4dbc6bb12cbd449ba263ae937aa3f
93f0d546537bcf1e1ebe8f4ba443bcac98b22392bd9bae5d0db666337c58dd9f
97f3a389c559d12009100ed7f00617719311bb72d429f5783f0298a63933cb6c
9841c2710c734dc94a3468bd712590d92e49bc63c8e08ab0fc3af2281e4e8396
a48ba8bcbb7544251f2f3002c1ed7e0ae0aced5b6b687b2419340fd2841b0e32
a6db9dce248d580bac480150ca21451b3eb762ae199e01017afa6852dc7ab7b6
aa43de30a0a0fdbc374697aaf45a6ea09067a72ecf5acf2802441d0bc111401a
b1b691042e5004430e4e2f28fa0c18c2d50ec524bfef6dd04102471effa09436
b1b77798485b64beb38dfe6b9a5b00f13ab6149ebc8e26e1ed6cc65da08f8a14
b9ac76703fca894ec4e2f5b14034a6089bf643d613e30242d10614b83d20c1a1
c3c38dfc3490f00c83399859568c1110a78d9f2bf2f61c63a39b2976f52b99e6
c832b51faeee62056d6ace51d1e385eb4ad1222a078b3f4dd54c1acd38d0809c
cbbd38870eb0edeb3b75bc3b409f0d311cfb712a08664e9cd9816e10a4938f60
cf57606136ad1ad197925c985f1346493a4ba890ab3f1ccdc61c3e262780c123
cfe3b7382e477059da11be2099914b94f0e2a4f08240c60542c376957b8d9658
e24d0f7f6d1a1d78fbcec47e29ff66119b187cdff44baa43a9eb2d7d03c6986c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b458bb6da1d06d2bd7dfa028a048c1b7856b6ea7d295011c455e0ad88296a3
ec0991e921d7ae20780984c34a873b4005bb82988368b68a04ea93b619224e81
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3d847148d2bcffbf89700ba13f4f32c50dba58a5f11ab0b682d63ff4928bb90