gaataxconsult.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gaataxconsult.com/welcome
Submission: On August 19 via api (August 19th 2023, 6:36:54 pm UTC) from US — Scanned from DE

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 61 HTTP transactions. The main IP is 2606:4700::6810:fc2, located in United States and belongs to CLOUDFLARENET, US. The main domain is gaataxconsult.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 1st 2023. Valid for: a year.

This is the only time gaataxconsult.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	2606:4700::68... 2606:4700::6810:fc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:e0:... 2606:4700:e0::ac40:660b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:cc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:238... 2600:9000:238d:d800:2:c605:29c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.153.215.196 35.153.215.196	14618 (AMAZON-AES) (AMAZON-AES)
2	2600:9000:224... 2600:9000:224a:0:8:2495:5540:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:210... 2600:9000:2104:8800:4:f6ce:61c0:93a1	16509 (AMAZON-02) (AMAZON-02)
13	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2600:9000:243... 2600:9000:243d:fa00:16:a497:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
2	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
2	100.24.151.68 100.24.151.68	14618 (AMAZON-AES) (AMAZON-AES)
6	18.204.46.114 18.204.46.114	14618 (AMAZON-AES) (AMAZON-AES)
61	18

10 2606:4700::6810:fc2 (United States)

ASN13335 (CLOUDFLARENET, US)

gaataxconsult.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:cc2 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
app.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:238d:d800:2:c605:29c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.153.215.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-153-215-196.compute-1.amazonaws.com

form.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:0:8:2495:5540:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2104:8800:4:f6ce:61c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

renderer-assets.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:fa00:16:a497:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.rudderlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 100.24.151.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-151-68.compute-1.amazonaws.com

rudderstack-control-plane.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.204.46.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-46-114.compute-1.amazonaws.com

rudderstack.cdp.prod.data.typeform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	typeform.com embed.typeform.com — Cisco Umbrella Rank: 26018 form.typeform.com — Cisco Umbrella Rank: 44529 images.typeform.com — Cisco Umbrella Rank: 42362 renderer-assets.typeform.com — Cisco Umbrella Rank: 38063 rudderstack-control-plane.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 40132 rudderstack.cdp.prod.data.typeform.com — Cisco Umbrella Rank: 38564	661 KB
13	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 611	91 KB
10	gaataxconsult.com gaataxconsult.com	786 KB
4	clickfunnels.com assets.clickfunnels.com — Cisco Umbrella Rank: 80562 app.clickfunnels.com — Cisco Umbrella Rank: 47189	3 KB
3	gstatic.com fonts.gstatic.com	48 KB
2	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 320	753 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	69 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73	4 KB
2	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1288	17 KB
1	rudderlabs.com cdn.rudderlabs.com — Cisco Umbrella Rank: 13702	134 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	185 B
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1212	7 KB
0	addevent.com Failed track.addevent.com Failed
61	13

	Domain	Requested by
13	js-agent.newrelic.com	gaataxconsult.com
10	gaataxconsult.com	gaataxconsult.com
6	rudderstack.cdp.prod.data.typeform.com	form.typeform.com
4	renderer-assets.typeform.com	form.typeform.com renderer-assets.typeform.com
3	app.clickfunnels.com	gaataxconsult.com
3	fonts.gstatic.com	fonts.googleapis.com
2	rudderstack-control-plane.cdp.prod.data.typeform.com	form.typeform.com
2	bam.nr-data.net	gaataxconsult.com
2	images.typeform.com	form.typeform.com
2	form.typeform.com	embed.typeform.com form.typeform.com
2	embed.typeform.com	gaataxconsult.com embed.typeform.com
2	connect.facebook.net	gaataxconsult.com
2	fonts.googleapis.com	gaataxconsult.com
2	use.fontawesome.com	gaataxconsult.com
1	cdn.rudderlabs.com	renderer-assets.typeform.com
1	www.facebook.com	gaataxconsult.com
1	static.cloudflareinsights.com	gaataxconsult.com
1	assets.clickfunnels.com	gaataxconsult.com
0	track.addevent.com Failed	gaataxconsult.com
61	19

This site contains links to these domains. Also see Links.

Domain
measuredresultscpa.com

Subject Issuer	Validity	Valid
gaataxconsult.com Cloudflare Inc ECC CA-3	`2023-03-01` - `2024-02-29`	a year	crt.sh
use.fontawesome.com GTS CA 1P5	`2023-07-04` - `2023-10-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-23` - `2024-06-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-29` - `2023-08-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.typeform.com Amazon RSA 2048 M01	`2023-02-24` - `2023-10-29`	8 months	crt.sh
typeform.com Amazon RSA 2048 M02	`2023-06-14` - `2024-07-12`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-04-13` - `2024-05-14`	a year	crt.sh
*.rudderlabs.com Amazon RSA 2048 M02	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
cdp.prod.data.typeform.com Amazon RSA 2048 M02	`2023-02-23` - `2024-02-01`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://gaataxconsult.com/welcome
Frame ID: 4D774907A9127B43DB1DA75B0EAFAA27
Requests: 43 HTTP requests in this frame

Frame: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Frame ID: 6367B43BD6014E48CF4A53ED19D711BA
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Free Tax Assessment | TRM CPA

Detected technologies

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

61
Requests

97 %
HTTPS

71 %
IPv6

13
Domains

19
Subdomains

18
IPs

2
Countries

1819 kB
Transfer

5731 kB
Size

24
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://measuredresultscpa.com/disclaimer.php
Title: Terms

Search URL Search Domain Scan URL

URL: https://measuredresultscpa.com/privacy.php
Title: Policies

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

61 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request welcome Show response
gaataxconsult.com/ 128 KB
33 KB 391ms
169ms Document
text/html 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: b1d198043c821530cb69153b3dd2b5abc3cd23e39fb9bce6fe2985c81167d252

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status: HIT
cf-ray: 7f948117ab591e4e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 19 Aug 2023 18:36:49 GMT
last-modified: Fri, 21 Jul 2023 14:24:08 GMT
server: cloudflare
status: 200 OK
vary: Accept-Encoding
x-content-digest: 3c65d1f3dfc8b1bc3d84255293aa1c59d3c6f6ba
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 0edf3abb47f2225f04b7de51de76c9a2
x-runtime: 0.383694

GET
H2 200 lander.css
gaataxconsult.com/assets/ 425 KB
70 KB 71ms
70ms Stylesheet
text/css 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaataxconsult.com/assets/lander.css
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Aug 2023 15:46:44 GMT
server: cloudflare
age: 1072
etag: W/"64dcef64-6a514"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=1200
cf-ray: 7f948118bcd51e4e-FRA
expires: Sat, 19 Aug 2023 18:56:49 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
12 KB 93ms
29ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Q6KT8X86M8XRFQ23
age: 343075
alt-svc: h3=":443"; ma=86400
x-amz-id-2: iRnyzeQZEMXai4M53ach8XhVAeYNFZ94vbYIhgiAiakHWY8yaFt2ReNE9AjiV7P9COfyiH1lN4M=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8YmQsm7bRKGgPq2wFpLOSZ4jMI3hXtQaVz%2F8SlxlOpoY7UEpINd9VATgGBoVCGl%2BKbmrAfi7PMHw7lYa2fqmMAcprPh73Mer%2BZlnF76IXk9N0kK42cLc952jI2kyeF6qyCceBb%2B%2FZpO59VHS6cEtPrVJ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f9481192fa1693a-FRA

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 92ms
28ms Stylesheet
text/css 2606:4700:e0::ac40:660b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: TTAKPBW0XYYD6XRF
age: 1478615
alt-svc: h3=":443"; ma=86400
x-amz-id-2: AP9UO+Bv38KJLZyALgJy5gVvb1Xywrkqiht+WtUxo69IbxT/4hgQaFkLqGIxci/ow2h21/zNDyg=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"e140a7d32f343530f016095df3cc2ae4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0iiDuORh%2FgwuWVTtV6lDkR94LfT9ZNfcvI2%2F3qESMQbQyyRr2Ha1EUau3Mnqy3QnMdcOXH34OQXce5ij7%2B%2BptTIy4OiFQ3TguPA0i3S%2BYA%2B6vZRwf4Pz9MfCux92Zp740h7N0CG5k1eOhtjQDJxGqLZS"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 7f9481192fa2693a-FRA

GET
H2 200 css
fonts.googleapis.com/ 47 KB
3 KB 82ms
31ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

002a53dd1cf9e76d76936ad0c413a03296b0ef4931116370ddca0ac7fdf828b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 18:09:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 18:36:49 GMT

GET
H2 200 application.js Show response
gaataxconsult.com/assets/userevents/ 5 KB
2 KB 62ms
61ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaataxconsult.com/assets/userevents/application.js
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Aug 2023 15:46:44 GMT
server: cloudflare
age: 1031
etag: W/"64dcef64-147c"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=1200
cf-ray: 7f948118bcd81e4e-FRA
expires: Sat, 19 Aug 2023 18:56:49 GMT

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 132ms
76ms Image
image/webp 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.clickfunnels.com/images/closemodal.png
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
cf-cache-status: HIT
age: 1980738
cf-polished: origFmt=png, origSize=788
content-disposition: inline; filename="closemodal.webp"
content-length: 672
last-modified: Wed, 26 Jul 2023 14:55:58 GMT
cf-bgj: imgq:100,h2pri
server: cloudflare
etag: "64c133fe-314"
vary: Accept, Accept-Encoding
content-type: image/webp
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 7f948119cd573635-FRA
expires: Tue, 19 Sep 2023 18:36:49 GMT

GET
H2 200 png_GAA-logo-blk.png
gaataxconsult.com/hosted/images/84/274491e4094e0790a33ed41ece6a9c/ 10 KB
10 KB 93ms
93ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaataxconsult.com/hosted/images/84/274491e4094e0790a33ed41ece6a9c/png_GAA-logo-blk.png
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bdb30bd9d9c4dbdc39ed3ebd82dc17b133650b8bfe9def8f5db56a8e5a953a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
cf-cache-status: HIT
last-modified: Tue, 07 Apr 2020 22:55:34 GMT
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "b1ed258d12230224901dedd2775390e1"
vary: Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f9481197dbd1e4e-FRA
content-length: 10297

GET
H2 200 css
fonts.googleapis.com/ 7 KB
990 B 40ms
39ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%7COxygen%7CRoboto%7COpen+Sans%7COxygen%7CRoboto%7CMontserrat%7C

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48008fe20e3485aeb233a6fd6b1d9d1e5940aac6d4013fac3b053021aa7ec12f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 18:36:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 18:36:49 GMT

GET
H2 200 lander.js Show response
gaataxconsult.com/assets/ 2 MB
663 KB 80ms
80ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaataxconsult.com/assets/lander.js
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90f6e5fa596da0ae7d0d5d5fef04f98ea73e1b6a178a78d8d04fc86c2762ff9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Aug 2023 15:48:25 GMT
server: cloudflare
age: 1092
etag: W/"64dcefc9-238758"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=vtz0YVGVaXs7qC8Gle9Pmc0vLHGIQL1vnA.ucEdQkHE-1692470209-0-AREo3bMcfcH1cEjY9tIb6Avg80pcunOdd2AD_lCRUHSo-MLl7HU90ASUu83vgU1Krue9Kjqfw_h-j64VsKLeMXHzwLFL_phKgoD0O16t7CAj0jUd7mqzSr2nZM4Q4JBgiUkYOQKkOW_PFuS9a-9oOUbB0f_yJw0vD02nOmmgh-kYAFAqqcmq0Jh006oQq7hAZw"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: application/x-javascript
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=vtz0YVGVaXs7qC8Gle9Pmc0vLHGIQL1vnA.ucEdQkHE-1692470209-0-AREo3bMcfcH1cEjY9tIb6Avg80pcunOdd2AD_lCRUHSo-MLl7HU90ASUu83vgU1Krue9Kjqfw_h-j64VsKLeMXHzwLFL_phKgoD0O16t7CAj0jUd7mqzSr2nZM4Q4JBgiUkYOQKkOW_PFuS9a-9oOUbB0f_yJw0vD02nOmmgh-kYAFAqqcmq0Jh006oQq7hAZw; report-to cf-csp-endpoint
cache-control: public, max-age=1200
cf-ray: 7f9481196da61e4e-FRA
expires: Sat, 19 Aug 2023 18:56:49 GMT

GET
H2 200 pushcrew.js Show response
gaataxconsult.com/assets/ 637 B
444 B 64ms
63ms Script
application/x-javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaataxconsult.com/assets/pushcrew.js
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 16 Aug 2023 15:46:43 GMT
server: cloudflare
age: 42
etag: W/"64dcef63-27d"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=1200
cf-ray: 7f9481197dc01e4e-FRA
expires: Sat, 19 Aug 2023 18:56:49 GMT

GET
H2 200 v8b253dfea2ab4077af8c6f58422dfbfd1689876627854 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 111ms
57ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v8b253dfea2ab4077af8c6f58422dfbfd1689876627854
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391

Request headers

Referer: https://gaataxconsult.com/
Origin: https://gaataxconsult.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: gzip
last-modified: Thu, 20 Jul 2023 18:10:27 GMT
server: cloudflare
etag: W/"2023.7.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7f948119cf3d91f9-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 173 KB
47 KB 63ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 19 Aug 2023 18:36:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: Ip3w2ElpyXXQr7Wvqv/QuYn0aaSTTDK7HU3AOzbsynaR7D0rwViK6gImLjaDvxBOM720Zv5kC2zEtkZCd1SDxw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 bo_play_pattern.png
gaataxconsult.com/hosted/images/65/7322e03db811e69da91dabf47a1914/ 738 B
952 B 60ms
59ms Image
image/png 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gaataxconsult.com/hosted/images/65/7322e03db811e69da91dabf47a1914/bo_play_pattern.png
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd381edba22e18e9a5a6d70f5061a2df2aa601c586ff8ae6677a434404d05ede

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:49 GMT
cf-cache-status: HIT
last-modified: Wed, 29 Jun 2016 05:14:49 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
x-amz-cf-pop: FRA53-C1
etag: "dd9f87967fbccb8036c23bbd3e5336b6"
cf-polished: status=not_needed
vary: Accept, Accept-Encoding
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 7f9481197dd01e4e-FRA
content-length: 738

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 71ms
22ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaataxconsult.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 11:08:17 GMT
x-content-type-options: nosniff
age: 26912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 11:08:17 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 74ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaataxconsult.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 22:08:16 GMT
x-content-type-options: nosniff
age: 246513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Aug 2024 22:08:16 GMT

GET
H2 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 16 KB
16 KB 66ms
43ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%7COxygen%7CRoboto%7COpen+Sans%7COxygen%7CRoboto%7CMontserrat%7C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://gaataxconsult.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 08:09:29 GMT
x-content-type-options: nosniff
age: 383240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16348
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Aug 2024 08:09:29 GMT

GET
H2 200 188595741521104 Show response
connect.facebook.net/signals/config/ 80 KB
21 KB 135ms
133ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/188595741521104?v=2.9.124&r=stable&domain=gaataxconsult.com

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1cc0250b66c131a64227c22cff072af37adabb25eabfb05692ad5999e5c54d2b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 19 Aug 2023 18:36:49 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: JvEVZHVENEXRpmPPidRlB3kOa2tN/mQ3OBcIqEsRgabEwwy1+H9StfIDBiKzjalgxgUWo2aPAq+gGwM/OV8z/w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 vendor.js Show response
gaataxconsult.com/ 18 KB
6 KB 152ms
151ms Script
application/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaataxconsult.com/vendor.js
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/welcome
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-runtime: 0.015389
date: Sat, 19 Aug 2023 18:36:49 GMT
content-encoding: br
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
cf-cache-status: HIT
server: cloudflare
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: application/javascript
status: 200 OK
cache-control: max-age=900, public
cf-ray: 7f94811b58cf1e4e-FRA
x-rack-cache: stale, valid, store
x-request-id: 8289903e78afdd3b512d948d939db08b

GET /
track.addevent.com/atc/ 0
0

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
624 B 272ms
218ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/userevents/?funnel_id=bnF3WWRzdjB1L1Y1SDRLU29PcWwyZz09LS1xSzlVOC9OQ0VaSnZRTFJEZDFMcGt3PT0%3D--7fab9740f5e88440edd5d6aa54bc656014dbf800&page_id=ckpEQWxYOU0xS2dIZ1B6OE5QeUowdz09LS1wNWFmWDBYRnJ6TXFFTnNEdTJqY0N3PT0%3D--c26735f2ec457b936380d7b7a43a895c1f955198&funnel_step_id=L3d4cjk5RHhWTmp1WDRkWm9sRDkrUT09LS1MSVpHQkM5c1pWMTVib3FqT21hQ0dRPT0%3D--98d30fc7a368f6e0b68547cc657f9dcae0453e7a&user_id=d09MRDBZRG1jVnMwZGIzUFlvLzVvUT09LS1uNndFMm1yNUxvaWRTV2pRR2Z6V0x3PT0%3D--9a698818dd0e15c37492c365e9cd24f101a1edf1&account_id=Z3haemN4SFNmaHJ3NWxsRGFseHk4QT09LS03YkVVUURVWW1NNGZXaVlVSGtFaDN3PT0%3D--f43a4fd525138ae26b99d8cde1c656e0f2fb195b&page_code=NTI1MTM5NjU%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=02c7c75e-8a2a-45a2-b570-bfbaf28de77f&url=https%3A%2F%2Fgaataxconsult.com%2Fwelcome
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 18:36:50 GMT
access-control-request-method: *
x-runtime: 0.033179
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
status: 202 Accepted
cache-control: no-cache, no-store
cf-ray: 7f94811bcaa9bba1-FRA
x-rack-cache: miss
x-request-id: 7a571bcaef2642545720ac6af09e6f6c

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
409 B 453ms
401ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/userevents/?funnel_id=bnF3WWRzdjB1L1Y1SDRLU29PcWwyZz09LS1xSzlVOC9OQ0VaSnZRTFJEZDFMcGt3PT0%3D--7fab9740f5e88440edd5d6aa54bc656014dbf800&page_id=ckpEQWxYOU0xS2dIZ1B6OE5QeUowdz09LS1wNWFmWDBYRnJ6TXFFTnNEdTJqY0N3PT0%3D--c26735f2ec457b936380d7b7a43a895c1f955198&funnel_step_id=L3d4cjk5RHhWTmp1WDRkWm9sRDkrUT09LS1MSVpHQkM5c1pWMTVib3FqT21hQ0dRPT0%3D--98d30fc7a368f6e0b68547cc657f9dcae0453e7a&user_id=d09MRDBZRG1jVnMwZGIzUFlvLzVvUT09LS1uNndFMm1yNUxvaWRTV2pRR2Z6V0x3PT0%3D--9a698818dd0e15c37492c365e9cd24f101a1edf1&account_id=Z3haemN4SFNmaHJ3NWxsRGFseHk4QT09LS03YkVVUURVWW1NNGZXaVlVSGtFaDN3PT0%3D--f43a4fd525138ae26b99d8cde1c656e0f2fb195b&page_code=NTI1MTM5NjU%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=307719bf-26c7-4a27-8b29-ed35f70eed97&url=https%3A%2F%2Fgaataxconsult.com%2Fwelcome
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 18:36:50 GMT
access-control-request-method: *
x-runtime: 0.027610
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
status: 202 Accepted
cache-control: no-cache, no-store
cf-ray: 7f94811bcaaebba1-FRA
x-rack-cache: miss
x-request-id: 452d8f9680577c5d8b8dbcd42eb7fe00

GET
H2 202 / Show response
app.clickfunnels.com/userevents/ 0
412 B 835ms
783ms XHR
text/html 2606:4700::6810:cc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.clickfunnels.com/userevents/?funnel_id=bnF3WWRzdjB1L1Y1SDRLU29PcWwyZz09LS1xSzlVOC9OQ0VaSnZRTFJEZDFMcGt3PT0%3D--7fab9740f5e88440edd5d6aa54bc656014dbf800&page_id=ckpEQWxYOU0xS2dIZ1B6OE5QeUowdz09LS1wNWFmWDBYRnJ6TXFFTnNEdTJqY0N3PT0%3D--c26735f2ec457b936380d7b7a43a895c1f955198&funnel_step_id=L3d4cjk5RHhWTmp1WDRkWm9sRDkrUT09LS1MSVpHQkM5c1pWMTVib3FqT21hQ0dRPT0%3D--98d30fc7a368f6e0b68547cc657f9dcae0453e7a&user_id=d09MRDBZRG1jVnMwZGIzUFlvLzVvUT09LS1uNndFMm1yNUxvaWRTV2pRR2Z6V0x3PT0%3D--9a698818dd0e15c37492c365e9cd24f101a1edf1&account_id=Z3haemN4SFNmaHJ3NWxsRGFseHk4QT09LS03YkVVUURVWW1NNGZXaVlVSGtFaDN3PT0%3D--f43a4fd525138ae26b99d8cde1c656e0f2fb195b&page_code=NTI1MTM5NjU%3D&mode_id=1&time_zone=Eastern%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=e3052ecc-2310-4518-bb62-44a2e74f8b0d&url=https%3A%2F%2Fgaataxconsult.com%2Fwelcome
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:cc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 18:36:50 GMT
access-control-request-method: *
x-runtime: 0.028768
cf-cache-status: BYPASS
server: cloudflare
x-powered-by: Phusion Passenger Enterprise 6.0.7
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
status: 202 Accepted
cache-control: no-cache, no-store
cf-ray: 7f94811bcaabbba1-FRA
x-rack-cache: miss
x-request-id: 8f8880f8feeea5ca1145f5b9a379a2e6

GET
H2 200 embed.js Show response
embed.typeform.com/next/ 57 KB
13 KB 116ms
31ms Script
application/x-javascript 2600:9000:238d:d800:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.typeform.com/next/embed.js?_=1692470209860

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:238d:d800:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

07cff711fe53ce041d6665be4fb42e794f0af1000fe73119efb1a923ef62ae06

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: BpiqbPE0hmVBlcMBC2PT2jfT36xsqJ86
content-encoding: gzip
via: 1.1 f89ae7540cfd7be6febf2f3e1ef03e18.cloudfront.net (CloudFront)
date: Sat, 19 Aug 2023 18:32:31 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS1-P1
age: 259
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 26 Jul 2023 12:11:38 GMT
server: AmazonS3
etag: W/"6fe5b122569ac6f2825cd18a6a15e068"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=0, must-revalidate
x-amz-cf-id: W0tI0uV0tTNvl4fCIldwWXE5Crj4nefScRqNt6ZrGcPGUu8Q2W-2fg==

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 61ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=188595741521104&ev=PageView&dl=https%3A%2F%2Fgaataxconsult.com%2Fwelcome&rl=&if=false&ts=1692470209878&sw=1600&sh=1200&v=2.9.124&r=stable&ec=0&o=28&fbp=fb.1.1692470209876.246595969&it=1692470209622&coo=false&rqm=GET

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 19 Aug 2023 18:36:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 widget.css
embed.typeform.com/next/css/ 1 KB
942 B 27ms
27ms Stylesheet
text/css 2600:9000:238d:d800:2:c605:29c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.typeform.com/next/css/widget.css

Requested by

Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js?_=1692470209860

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:238d:d800:2:c605:29c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a33bed90f38a462dc4fb1193ac06d52cc9f3fc79a4c771dbd3bd31bf09973e04

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: FuqiTFfcGTo_k11qIHqi9.0VUXouchow
content-encoding: gzip
via: 1.1 f89ae7540cfd7be6febf2f3e1ef03e18.cloudfront.net (CloudFront)
date: Sat, 19 Aug 2023 18:33:17 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS1-P1
age: 213
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 26 Jul 2023 12:11:38 GMT
server: AmazonS3
etag: W/"d68a20bee483c491c576361fb55496f0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=0, must-revalidate
x-amz-cf-id: ss2xLFe4HT3lvndcVtnaaD8erb5vWgLhPJTO42KL21QpWNWS_H4pag==

GET
H2 200 cYYXFX6y Show response
form.typeform.com/to/ Frame 6367 195 KB
62 KB 488ms
225ms Document
text/html 35.153.215.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true

Requested by

Host: embed.typeform.com
URL: https://embed.typeform.com/next/embed.js?_=1692470209860

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.215.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-215-196.compute-1.amazonaws.com

Software

istio-envoy / 8131-7.81.1

Resource Hash

209f4b999af619d324b37cf0ac4850aa5cc1d3dd203fb0a08e662c1c7ae746a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://gaataxconsult.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
access-control-expose-headers: Location, X-Request-Id
age: 772
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 61704
content-security-policy-report-only: report-uri https://typeformforms.report-uri.com/r/t/csp/reportOnly; default-src 'self' https: data: blob: chrome-extension: moz-extension: safari-extension:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https: data: blob:; script-src-attr 'unsafe-inline'; script-src-elem 'self' 'unsafe-inline' https:; worker-src 'self' blob:; manifest-src public-assets.typeform.com; form-action 'none'; frame-ancestors 'self' http://localhost:* capacitor: iconic: https:; base-uri 'self'; child-src wvjbscheme: https:; connect-src 'self' wss: https: chrome-extension: moz-extension: safari-extension:; style-src 'self' 'unsafe-inline' https:
content-type: text/html; charset=utf-8
date: Sat, 19 Aug 2023 18:36:50 GMT
pragma: no-cache
server: istio-envoy
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding
x-cache: HIT
x-cache-lookup: HIT
x-envoy-upstream-service-time: 0
x-powered-by: 8131-7.81.1
x-varnish: 131159707 130672783

GET
H2 200 large
images.typeform.com/images/HGHQT8x9Vjaf/background/ Frame 6367 111 KB
112 KB 140ms
58ms Image
image/png 2600:9000:224a:0:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/HGHQT8x9Vjaf/background/large

Requested by

Host: form.typeform.com
URL: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:0:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

92cf35ceeb7629a73d94d3aecd56ab48d166d162967f9274c6095bf409cc836e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 12:53:13 GMT
content-security-policy: script-src 'self'
via: 1.1 85ca8c4198fb707d10ecc2a784a315be.cloudfront.net (CloudFront), 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7, DUS51-P1
age: 107017
x-amzn-requestid: 581af6f2-a325-47d8-a5ff-388ad1c4dc95
x-amzn-trace-id: Root=1-64df69b9-2194f9db0b6d003b40f69f74;Sampled=0;lineage=1e19b125:0
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-apigw-id: J210_F-6IAMFwaQ=
content-length: 113628
x-amz-cf-id: XgZSHJa1KoINhftZ-wm4FkQJhsDk-F0MNejyoB1U5SWWMBSW5hJehw==

GET
H2 200 default
images.typeform.com/images/vPA8suTq4YSA/image/ Frame 6367 57 KB
57 KB 113ms
31ms Image
image/jpeg 2600:9000:224a:0:8:2495:5540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.typeform.com/images/vPA8suTq4YSA/image/default

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:224a:0:8:2495:5540:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

3f90931d202074abe4b903d9cb3e988d4162c3d81f5699649797fa4b9192b97b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self'

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 12:53:13 GMT
content-security-policy: script-src 'self'
via: 1.1 0e358bffbd534852f8496b34da6ad3e4.cloudfront.net (CloudFront), 1.1 603f36cbe39a66d93949b80e7296dad4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7, DUS51-P1
age: 107017
x-amzn-requestid: 4ead22be-a507-4486-93ba-25fdb24ddd1b
x-amzn-trace-id: Root=1-64df69b9-1b4cfd5156a2dc8d52fe8903;Sampled=0;lineage=1e19b125:0
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1296000
x-amz-apigw-id: J210_HEUoAMF0yA=
content-length: 58235
x-amz-cf-id: bKw7a2OBmGAhJQ8Q0gVzwySD8ii6YFVtFEEWlPwAk-dHZinzTQ0VZg==

GET
H2 200 modern-renderer.683e5adebd94cf02c61d.js Show response
renderer-assets.typeform.com/ Frame 6367 932 KB
277 KB 121ms
33ms Script
application/x-javascript 2600:9000:2104:8800:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/modern-renderer.683e5adebd94cf02c61d.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

46ce792216c2dc29fb6916f55445b2721bdf65250a305805f3977fdcf2e2089c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Origin: https://form.typeform.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: ChmWxlVL2deUnd5PLU0baw_pifq.vamH
content-encoding: gzip
via: 1.1 3c5f93efb24b4927140dd52806f3d1e0.cloudfront.net (CloudFront)
date: Sat, 19 Aug 2023 13:09:35 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-amz-cf-pop: AMS1-C1
age: 64128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 17 Aug 2023 12:32:04 GMT
server: AmazonS3
etag: W/"f54f709953ae82e95bcc1b9c0e07a540"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cache-control: max-age=2419200
x-amz-cf-id: rYuATktUmkNzrkCN48J09sCOkmzNcFnLDRMko-cWMpjpyNhxxe0Ctg==

GET
H3 200 vendors~form~blocks-validation-phone_number.c4084deb03a503f57857.renderer.js Show response
renderer-assets.typeform.com/ Frame 6367 119 KB
31 KB 120ms
29ms Script
application/x-javascript 2600:9000:2104:8800:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/vendors~form~blocks-validation-phone_number.c4084deb03a503f57857.renderer.js

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.683e5adebd94cf02c61d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2104:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9956057a5efbec89e62caaf9863ef0e92f2fd50061a28dfff635ff2d1ad4c881

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-amz-version-id: KU6qCnQ6CJBzA73JWs_QE66zr0Vzbttn
content-encoding: gzip
date: Sat, 19 Aug 2023 12:11:39 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 64128
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 11 Aug 2023 11:47:27 GMT
server: AmazonS3
etag: W/"1f85d032e8d6f416fac644d156282dca"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: Wx-iQgEGNWaI9IYdfRSWD1jmunFSD-qJqTrnxiNoI68qIzukFn0Wlw==

GET
H3 200 vendors~form.e18738dec08e2df194ee.renderer.js Show response
renderer-assets.typeform.com/ Frame 6367 218 KB
65 KB 124ms
33ms Script
application/x-javascript 2600:9000:2104:8800:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/vendors~form.e18738dec08e2df194ee.renderer.js

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.683e5adebd94cf02c61d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2104:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

65ab88138addc28d874e25d1c3377151203e955745067e10d365199b0b08f197

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-amz-version-id: z1BWYELqHYK4jVhvaSCuUquspXWt3V4q
content-encoding: gzip
date: Sat, 19 Aug 2023 13:09:37 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 19636
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 17 Aug 2023 12:32:04 GMT
server: AmazonS3
etag: W/"a2ecb6135b9a59127727ab34f0714409"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: L8RcbXHHLAAr41x78WvX5LcfUYcqbR7gNf-69v8ol1eokHeWbC0mUg==

GET
H3 200 form.cbf7138b3cc312e88079.renderer.js Show response
renderer-assets.typeform.com/ Frame 6367 144 KB
42 KB 123ms
32ms Script
application/x-javascript 2600:9000:2104:8800:4:f6ce:61c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://renderer-assets.typeform.com/form.cbf7138b3cc312e88079.renderer.js

Requested by

Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/modern-renderer.683e5adebd94cf02c61d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2104:8800:4:f6ce:61c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

cb7ea7997cdc60138a2db106bd59a71f0e84b3e19b4b362d8e6a52406122c192

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains
x-amz-version-id: dRTWIlYQ_QxJijlM65FNjTXcdiE9UEE7
content-encoding: gzip
date: Sat, 19 Aug 2023 13:09:37 GMT
via: 1.1 e10153740ff95eb4d0c9f3172baeb43e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
age: 19636
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 17 Aug 2023 12:32:04 GMT
server: AmazonS3
etag: W/"1b8271fb2a0e01af95e468e0ef4ab367"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=2419200
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: vgh2B7jeQJFYmtHFzszUY8ECucFMdC5uvwRLMqxMgUt-9AnX2iZ5iQ==

GET default-firstframe.png
images.typeform.com/images/vPA8suTq4YSA/image/ Frame 6367 0
0

GET
DATA 200
OK truncated
/ Frame 6367 68 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 async-api.30bd804e-1.236.0.min.js Show response
js-agent.newrelic.com/ 3 KB
3 KB 68ms
20ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/async-api.30bd804e-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: 366JrVMQzTPfkja9KvKWB.1FAlNj2g2u
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V160HEFG7EFECRX2
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2851
x-amz-id-2: 0eBKUdrxS14x6LgkTPCmMEB3l0LE6ZMWjtAG9L6qQRKf2HwTDauZumZ0lO0xzHb91rsrxkWwK2Y=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470211.281919,VS0,VE0
etag: "ce1527db8799a0ba1913b5c7b7f666aa"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 860.03a8b7a5-1.236.0.min.js Show response
js-agent.newrelic.com/ 14 KB
6 KB 68ms
21ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/860.03a8b7a5-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: iJSI6dlO2Ys6eX3e0ReqL6kXFai6YRCl
content-encoding: br
via: 1.1 varnish
date: Sat, 19 Aug 2023 18:36:51 GMT
strict-transport-security: max-age=300
x-amz-request-id: 2GTWHESMXE2S4H4J
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 5507
x-amz-id-2: nLBsGDQcGExwI+UkPGkpQBUVNS0b/DFDgLAQZfJmQyr8CFP8PwHdtWTTLlD6GaxD+RjwJy+Stpk=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470211.282167,VS0,VE0
etag: "5c2d33afe15ef1ea0f7dfd3d77677165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1269

GET
H2 200 session-manager.2a64278a-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
2 KB 67ms
19ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session-manager.2a64278a-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: ur1tw3MWf2WErGuFKp0fYWjcNIfD4uOb
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16A1FCNY83AK894
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1387
x-amz-id-2: upYMIkDsSKQm716sJRiAZiA1Gcm46rhBIW9aR4KcluiHUzwt5sYZ1qhtDXdlsCvnTJifqO5cU7qsZcXYYhk3cw==
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470211.281907,VS0,VE0
etag: "a097cb2068fb2d63e521cacf139c921d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 8

GET
H2 200 background.png Show response
gaataxconsult.com/images/ 118 B
345 B 191ms
190ms XHR
text/javascript 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gaataxconsult.com/images/background.png?_unique=0.839917112574369&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//gaataxconsult.com/welcome&_title=Free%20Tax%20Assessment%20%7C%20TRM%20CPA&_key=x77ud742&_page_key=30r7ap16sf0bvxv1&_fid=11730605&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://gaataxconsult.com/welcome&_referrer=
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 5974f3e14321d0ec1f7c319b096780b0216b0164285b48ed4fc33fdc828ef5da

Request headers

X-NewRelic-ID: UAYHVF5UCBAFUFRWAQMDUFc=
Referer: https://gaataxconsult.com/welcome
tracestate: 2882645@nr=0-1-4005870-601403195-9dbdc3c72e5903fe----1692470211232
traceparent: 00-1b14abb9b61e8686962fb1e9f9759400-9dbdc3c72e5903fe-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQwMDU4NzAiLCJhcCI6IjYwMTQwMzE5NSIsImlkIjoiOWRiZGMzYzcyZTU5MDNmZSIsInRyIjoiMWIxNGFiYjliNjFlODY4Njk2MmZiMWU5Zjk3NTk0MDAiLCJ0aSI6MTY5MjQ3MDIxMTIzMiwidGsiOiIyODgyNjQ1In19

Response headers

date: Sat, 19 Aug 2023 18:36:51 GMT
access-control-request-method: *
content-encoding: br
cf-cache-status: DYNAMIC
x-powered-by: Phusion Passenger Enterprise 6.0.7
status: 200 OK
x-request-id: 01df345aac56fbe4ec11a02a35ad1d3a
x-runtime: 0.015660
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, private
cf-ray: 7f94812449d91e4e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
x-rack-cache: miss

POST
H2 200 view-form-open Show response
form.typeform.com/forms/cYYXFX6y/insights/events/v3/ Frame 6367 2 B
897 B 119ms
119ms Fetch
application/json 35.153.215.196
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://form.typeform.com/forms/cYYXFX6y/insights/events/v3/view-form-open

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.153.215.196 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-153-215-196.compute-1.amazonaws.com

Software

istio-envoy /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 19 Aug 2023 18:36:51 GMT
strict-transport-security: max-age=63072000; includeSubDomains
x-backend: papi
server: istio-envoy
access-control-allow-methods: GET, OPTIONS, POST, PUT, PATCH, DELETE
x-release: 5880977511
content-type: application/json
access-control-allow-origin: https://form.typeform.com
access-control-expose-headers: Location, X-Request-Id
x-envoy-upstream-service-time: 2
x-service: insights-3.0
x-commit-sha: 7648114292752d1d714a85d14eb999dfd3317daf
access-control-allow-headers: X-Typeform-Key, Content-Type, Authorization, Typeform-Version, typeform-app
content-length: 2
x-build-date: 2023-08-16T17:48:25+02:00

GET
H2 200 rudder-analytics.min.js Show response
cdn.rudderlabs.com/v1/ Frame 6367 467 KB
134 KB 505ms
432ms Script
text/javascript 2600:9000:243d:fa00:16:a497:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rudderlabs.com/v1/rudder-analytics.min.js
Requested by: Host: renderer-assets.typeform.com
URL: https://renderer-assets.typeform.com/vendors~form.e18738dec08e2df194ee.renderer.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:fa00:16:a497:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e31fcd40a8a22729a399d91613e089c4420778068b944585008530dfe3ee2f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 18:36:52 GMT
content-encoding: gzip
via: 1.1 864867c878801fa3f01f9149934772e8.cloudfront.net (CloudFront)
last-modified: Mon, 29 May 2023 08:37:45 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P4
etag: W/"65c4d4ade45e1dcd64e310e0429062fd"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: asZ_P6NstTexcnVPu4vJTvVkht94iIVmhBehs0Y8YOnOdhpn8Dmu3A==

POST
H2 204 rum Show response
gaataxconsult.com/cdn-cgi/ 0
194 B 36ms
36ms XHR
text/plain 2606:4700::6810:fc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gaataxconsult.com/cdn-cgi/rum?

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:fc2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-NewRelic-ID: UAYHVF5UCBAFUFRWAQMDUFc=
tracestate: 2882645@nr=0-1-4005870-601403195-ab9938a6c6c19192----1692470211372
traceparent: 00-10f640592b6845850a6090d1b2308700-ab9938a6c6c19192-01
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjQwMDU4NzAiLCJhcCI6IjYwMTQwMzE5NSIsImlkIjoiYWI5OTM4YTZjNmMxOTE5MiIsInRyIjoiMTBmNjQwNTkyYjY4NDU4NTBhNjA5MGQxYjIzMDg3MDAiLCJ0aSI6MTY5MjQ3MDIxMTM3MiwidGsiOiIyODgyNjQ1In19
content-type: application/json
Referer: https://gaataxconsult.com/welcome

Response headers

date: Sat, 19 Aug 2023 18:36:51 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://gaataxconsult.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 7f9481251b481e4e-FRA

GET
H2 200 lazy-feature-loader.2f55ce66-1.236.0.min.js Show response
js-agent.newrelic.com/ 1 KB
1 KB 20ms
19ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/lazy-feature-loader.2f55ce66-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: SNNZ70_ndPBZM4f5drSRay_oJEEp97f5
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16FNAZW59HEFJG0
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1085
x-amz-id-2: pkfKdXF0ec9M5wmr/XnuOdiy3sJ9l2J8W0+mV18C4Y/E7ElWkyPmB6Zv+aJ4N+mCS9iq7HMT8b2lg2w+e+nWnw==
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.596753,VS0,VE0
etag: "e43b565f398109176254b8a9394de5ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 148.1a20d5fe-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
8 KB 19ms
19ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/148.1a20d5fe-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: ScUpW5z6XcbV4AsRwaGpjCwUtY9KtEdV
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16DR883D7PM3805
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7826
x-amz-id-2: V+aas5/YiB8hULXvDfZhIsWW+TevCOkgVGk/Fj6tlHSP/nHDKK7wQoHIzNE/dowYKiIKBmcwbTA=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.619118,VS0,VE0
etag: "bed1f74897d091a7dfc2b06e8a1e29a3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9

GET
H2 200 page_view_event-aggregate.06482edd-1.236.0.min.js Show response
js-agent.newrelic.com/ 11 KB
4 KB 21ms
21ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_event-aggregate.06482edd-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: olBWVnN3KrZD.7AbCiVQ_LmF1ZBKIJEh
content-encoding: br
via: 1.1 varnish
date: Sat, 19 Aug 2023 18:36:51 GMT
strict-transport-security: max-age=300
x-amz-request-id: V16FEYSTFEDPYHC4
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4296
x-amz-id-2: H97fZQNmKZjDmD9s6oOERCRPM+eQfEYaPaxM4am5otyv9pCh6VzqGQl9ZFts5wWPUkATcktLtmE=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.619253,VS0,VE0
etag: "553d27144d4f9fbe7e31b802107a2071"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10

GET
H2 200 page_view_timing-aggregate.bd6de33a-1.236.0.min.js Show response
js-agent.newrelic.com/ 15 KB
15 KB 21ms
21ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_view_timing-aggregate.bd6de33a-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: 9W2va1QLSUaCTJ3OoHH2ZOYSIAKsuvOr
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V166MSHRXDKAVVGE
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14879
x-amz-id-2: c6U0F1buvLoUbC7Go6OynO2vSuROf3WSt/D6YI1yr+0jsK94y9koc9qEWfBtaM47/YBf5Yf8NJA=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.619697,VS0,VE0
etag: "01e96e9ff5c360298d13581ad38e60a8"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 metrics-aggregate.3dc53903-1.236.0.min.js Show response
js-agent.newrelic.com/ 8 KB
3 KB 25ms
25ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/metrics-aggregate.3dc53903-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: Z8jxLQfOXuFmYqpMJ60TDp7HscNrmk8O
content-encoding: br
via: 1.1 varnish
date: Sat, 19 Aug 2023 18:36:51 GMT
strict-transport-security: max-age=300
x-amz-request-id: V160X7JZ0EG0626C
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2987
x-amz-id-2: 5+0z6v9iOJAmzGseP7niEmvz+uxWao1VALb8NoZbCquSjddcdg/5b+W1EwLWyPB/uQ66j8dwtBs=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.620399,VS0,VE0
etag: "a912f1cb80b2d3cf15f10d9d022b6188"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1071

GET
H2 200 jserrors-aggregate.49e41428-1.236.0.min.js Show response
js-agent.newrelic.com/ 9 KB
4 KB 26ms
25ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/jserrors-aggregate.49e41428-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: .ACjr0HqA7HhCmbDNUQuLIwun1cgXyhg
content-encoding: br
via: 1.1 varnish
date: Sat, 19 Aug 2023 18:36:51 GMT
strict-transport-security: max-age=300
x-amz-request-id: V16FYZFMXCGTDG27
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3814
x-amz-id-2: mwgteez6x3yDx2YZm/5IjUnid5gI60+Qa+e0jCOSmE92j50WhHAejUGBsI77JWFl8CIlDnktHZw=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.620930,VS0,VE0
etag: "ea0f213ac446fa34c085f244b9573b9d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 913

GET
H2 200 ajax-aggregate.998ef92b-1.236.0.min.js Show response
js-agent.newrelic.com/ 7 KB
7 KB 26ms
25ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/ajax-aggregate.998ef92b-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: xVg3CmVvsRmAix36ZLYuy_uCZQf0TjpD
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V160Q4MCNEPA0DWF
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 7044
x-amz-id-2: 4pXWnKuNBIz41lqSFIf5tsKV1P/qUi013lzcICPtzab00sHuhMEZy///R1KpVfpsKCYjZAw6vX4=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.621405,VS0,VE0
etag: "07e3c83179c7da2e2f464a72b084aacf"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1005

GET
H2 200 session_trace-aggregate.83105561-1.236.0.min.js Show response
js-agent.newrelic.com/ 12 KB
12 KB 36ms
36ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/session_trace-aggregate.83105561-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: JP1nny3GAhH60lOAbY5zpQuuXGmtQF2W
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16EH4FX34YSCAAP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12146
x-amz-id-2: KmNhWc8I5iJnNq0ChwdCJEZrN6U9/HfEVBAcZH07DpJoA9YIkp9R2HXYN98dYcqTnC+W5zEkkS8=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.621792,VS0,VE0
etag: "4ef8d054860549421e884b3d2d74b83e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1155

GET
H2 200 page_action-aggregate.ac76d497-1.236.0.min.js Show response
js-agent.newrelic.com/ 5 KB
5 KB 38ms
38ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/page_action-aggregate.ac76d497-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: d39kPm7I27R6JP_9CC8D6A917GdgqR8V
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V16ETB3SQ8RDG48R
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 4643
x-amz-id-2: 7B6KPpWlXRjWt491eJYd/RxIbU1+NFdezc6YFgBbxs0tzjbWueAY5nqCMMdn02DJLpb8NRE9EB0=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.622326,VS0,VE0
etag: "8862791debd0b259297a0ccf618932eb"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 1035

GET
H2 200 spa-aggregate.e6b09d52-1.236.0.min.js Show response
js-agent.newrelic.com/ 20 KB
21 KB 38ms
38ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/spa-aggregate.e6b09d52-1.236.0.min.js

Requested by

Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gaataxconsult.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: k3LNqXtDnYaGJRciEwS012KKWchlproy
date: Sat, 19 Aug 2023 18:36:51 GMT
via: 1.1 varnish
strict-transport-security: max-age=300
x-amz-request-id: V1600H0FQHVZS1H6
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 20843
x-amz-id-2: REepnSOeMxho2ZLiM3P6Of28yVpUanBl9XNRlLsr+8LFPWoIfDXKvl9imaTNqPVm6hdgUuAJXbU=
x-served-by: cache-fra-eddf8230109-FRA
last-modified: Tue, 27 Jun 2023 17:17:41 GMT
server: AmazonS3
x-timer: S1692470212.623014,VS0,VE0
etag: "27ef55ddf9eded9cf24ce8747e8bbe04"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 918

POST
H/1.1 200
OK NRJS-14b9fc0143e6570151a Show response
bam.nr-data.net/1/ 40 B
407 B 484ms
422ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/NRJS-14b9fc0143e6570151a?a=545462463&v=1.236.0&to=IgpZQUBdWF8DFEsXEQQXR1RVV0ccFgcDBxFOFUJXXltHWwMC&rst=2645&ck=0&s=bed1a44d62f7d156&ref=https://gaataxconsult.com/welcome&af=err,xhr,stn,ins,spa&ap=390&be=391&fe=1949&dc=485&perf=%7B%22timing%22:%7B%22of%22:1692470208994,%22n%22:0,%22dn%22:1,%22dne%22:177,%22c%22:177,%22s%22:197,%22ce%22:223,%22rq%22:223,%22rp%22:391,%22rpe%22:394,%22di%22:822,%22ds%22:824,%22de%22:876,%22dc%22:2233,%22l%22:2233,%22le%22:2340%7D,%22navigation%22:%7B%7D%7D&fp=551&fcp=551
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f

Request headers

Referer: https://gaataxconsult.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 19 Aug 2023 18:36:52 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://gaataxconsult.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-fra-eddf8230043-FRA

POST
H/1.1 200
OK NRJS-14b9fc0143e6570151a Show response
bam.nr-data.net/events/1/ 24 B
346 B 129ms
128ms XHR
image/gif 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/events/1/NRJS-14b9fc0143e6570151a?a=545462463&v=1.236.0&to=IgpZQUBdWF8DFEsXEQQXR1RVV0ccFgcDBxFOFUJXXltHWwMC&rst=3152&ck=0&s=bed1a44d62f7d156&ref=https://gaataxconsult.com/welcome
Requested by: Host: gaataxconsult.com
URL: https://gaataxconsult.com/welcome
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer: https://gaataxconsult.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
content-type: text/plain

Response headers

date: Sat, 19 Aug 2023 18:36:52 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: image/gif
access-control-allow-origin: https://gaataxconsult.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 24
x-served-by: cache-fra-eddf8230043-FRA

GET
H2 200 / Show response
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 6367 610 B
744 B 124ms
123ms XHR
application/json 100.24.151.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.33.0
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.151.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-151-68.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash: 1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028

Request headers

Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 19 Aug 2023 18:36:52 GMT
access-control-allow-credentials: true
server: uvicorn
content-length: 610
content-type: application/json

OPTIONS
H2 200 /
rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/ Frame 0
0 429ms
123ms Preflight
text/plain 100.24.151.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack-control-plane.cdp.prod.data.typeform.com/sourceConfig/?p=cdn&v=1.33.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.151.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-151-68.compute-1.amazonaws.com
Software: uvicorn /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: authorization
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 600
content-length: 2
content-type: text/plain; charset=utf-8
date: Sat, 19 Aug 2023 18:36:52 GMT
server: uvicorn
vary: Origin

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 365ms
111ms Preflight 18.204.46.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.46.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-46-114.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
content-length: 0
date: Sat, 19 Aug 2023 18:36:53 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 6367 2 B
157 B 184ms
184ms XHR
text/plain 18.204.46.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.46.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-46-114.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
AnonymousId: MDQ0NDBjZjUtODQ2My00MTExLWE4NGMtMWZmNmIyZjJlMmNj
Content-Type: application/json

Response headers

access-control-allow-origin: https://form.typeform.com
date: Sat, 19 Aug 2023 18:36:53 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 111ms
111ms Preflight 18.204.46.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.46.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-46-114.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
content-length: 0
date: Sat, 19 Aug 2023 18:36:53 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 track
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 0
0 111ms
111ms Preflight 18.204.46.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.46.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-46-114.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: anonymousid,authorization,content-type
Access-Control-Request-Method: POST
Origin: https://form.typeform.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Anonymousid, Authorization, Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://form.typeform.com
access-control-max-age: 900
content-length: 0
date: Sat, 19 Aug 2023 18:36:53 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 6367 2 B
157 B 120ms
119ms XHR
text/plain 18.204.46.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.46.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-46-114.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
AnonymousId: MDQ0NDBjZjUtODQ2My00MTExLWE4NGMtMWZmNmIyZjJlMmNj
Content-Type: application/json

Response headers

access-control-allow-origin: https://form.typeform.com
date: Sat, 19 Aug 2023 18:36:53 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2 200 track Show response
rudderstack.cdp.prod.data.typeform.com/v1/ Frame 6367 2 B
157 B 121ms
121ms XHR
text/plain 18.204.46.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rudderstack.cdp.prod.data.typeform.com/v1/track
Requested by: Host: form.typeform.com
URL: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.46.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-46-114.compute-1.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer: https://form.typeform.com/to/cYYXFX6y?typeform-embed-id=6349614825946459&typeform-embed=embed-widget&typeform-source=gaataxconsult.com&typeform-medium=snippet&typeform-medium-version=next&embed-opacity=100&typeform-embed-no-heading=true
accept-language: de-DE,de;q=0.9
Authorization: Basic MjJLTUZoSEpiY3pnR1cwZ0pWM1NCcnpCbE5lOg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
AnonymousId: MDQ0NDBjZjUtODQ2My00MTExLWE4NGMtMWZmNmIyZjJlMmNj
Content-Type: application/json

Response headers

access-control-allow-origin: https://form.typeform.com
date: Sat, 19 Aug 2023 18:36:53 GMT
access-control-allow-credentials: true
content-length: 2
vary: Origin
content-type: text/plain; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=2796a151-eb09-486b-f5ba-6e24d3ad6ff3&url=https%3A%2F%2Fgaataxconsult.com%2Fwelcome&cache=1692470209807

Domain: images.typeform.com
URL: https://images.typeform.com/images/vPA8suTq4YSA/image/default-firstframe.png

Verdicts & Comments Add Verdict or Comment

265 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gaataxconsult.com/	1970-01-20 14:07:52	Name: __cf_bm Value: DaFBXWSmKMlGTPChS46YJcwWZyVV8x0Fs7y4MzWYgWI-1692470209-0-AYYRVnCAw0GJ0ntLNKu9DHzLcJS6U6rZa18jowS8Rw8TvuyXpuHVVH6bGjNtT+G/BVodykiddgc4ePaSiw7BO4IdPvdKzC1imFxO2UTS9S6B
.gaataxconsult.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 6IS3G.GX4LlOnUPku9rsriNOtO4FQ7T2svuBZzOkP6o-1692470209369-0-604800000
.clickfunnels.com/	1970-01-20 14:07:52	Name: __cf_bm Value: .dpyoWickw_GZ2OP6kFhtKz889b6U_o5.UHxYt0qdAg-1692470209-0-AUnbCddkoLrf/Ji8w8lqawTdk84o5PLzWwnQZJs2jGiMdHdzhIfzfNqe18Fx94Nq/q5ql0v6GefmvJ+jaqg2m+XfAocxNIbaLQwAGGg8+OIy
.clickfunnels.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 8wKQauxOCQj6euuthpx5mVzca0ybFXybTVu9Z3AXgzw-1692470209619-0-604800000
gaataxconsult.com/	1970-01-20 22:53:26	Name: addevent_track_cookie Value: 2796a151-eb09-486b-f5ba-6e24d3ad6ff3
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:aff_sub2 Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:aff_sub3 Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:aff_sub Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:affiliate_id Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:cf_affiliate_id Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:content Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:medium Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:name Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:source Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:term Value:
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:NTI1MTM5NjU Value: :visited=true
gaataxconsult.com/	1970-01-20 22:53:26	Name: cf:visitor_id Value: 1c4e2d8c-d6b3-4cbe-a5f8-99feff190d80
.gaataxconsult.com/	1970-01-20 16:17:26	Name: _fbp Value: fb.1.1692470209876.246595969
.typeform.com/	1970-01-20 18:31:21	Name: tf_respondent_cc Value: {%22groups%22:[%222%22]%2C%22timestamp%22:%222023-08-19T18:36:51.189Z%22%2C%22implicitConsent%22:true}
.typeform.com/	1970-01-20 22:53:26	Name: attribution_user_id Value: 04ab7361-4325-44ff-b3a2-a09f32fa40ba
form.typeform.com/	1970-01-20 14:17:55	Name: AWSALBTGCORS Value: du6DtKHFWttWMehn/eORlasNtKtLanSn5oRjemBPkn9vzdaxJaKD0NNwpF/PK/4FTFTq3nk3M0uq4tw+fetZw03n7L1sefdVLd3Tnpdc9/fZbtTZoIy2mHjkvo00MQqz2kzljdnqYO3P0Uz9OdA3LMs3RKE6ATlMnpnpSGRpE+xF
gaataxconsult.com/	1969-12-31 23:59:59	Name: is_eu Value: true
gaataxconsult.com/	1970-01-20 22:53:26	Name: 30r7ap16sf0bvxv1 Value: true
gaataxconsult.com/	1970-01-20 22:53:26	Name: 11730605_viewed_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=2796a151-eb09-486b-f5ba-6e24d3ad6ff3&url=https%3A%2F%2Fgaataxconsult.com%2Fwelcome&cache=1692470209807 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.clickfunnels.com
assets.clickfunnels.com
bam.nr-data.net
cdn.rudderlabs.com
connect.facebook.net
embed.typeform.com
fonts.googleapis.com
fonts.gstatic.com
form.typeform.com
gaataxconsult.com
images.typeform.com
js-agent.newrelic.com
renderer-assets.typeform.com
rudderstack-control-plane.cdp.prod.data.typeform.com
rudderstack.cdp.prod.data.typeform.com
static.cloudflareinsights.com
track.addevent.com
use.fontawesome.com
www.facebook.com
images.typeform.com
track.addevent.com
100.24.151.68
151.101.194.137
162.247.243.29
18.204.46.114
2600:9000:2104:8800:4:f6ce:61c0:93a1
2600:9000:224a:0:8:2495:5540:93a1
2600:9000:238d:d800:2:c605:29c0:93a1
2600:9000:243d:fa00:16:a497:9700:93a1
2606:4700::6810:3965
2606:4700::6810:cc2
2606:4700::6810:fc2
2606:4700:e0::ac40:660b
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200a
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
35.153.215.196
002a53dd1cf9e76d76936ad0c413a03296b0ef4931116370ddca0ac7fdf828b1
07cff711fe53ce041d6665be4fb42e794f0af1000fe73119efb1a923ef62ae06
0b09c565baa3b8d3de7ea5b132e22c0ed1bb8943ae83d1bff9421e62ae8d8800
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
11b4a5f186edf838f6e951559bef8aa85c686a83e0a226c5a82622da95e54307
167c7894014a33b184a658a4883c24c20bbd158dc04b7fef709f80a4bca6a7d1
1cc0250b66c131a64227c22cff072af37adabb25eabfb05692ad5999e5c54d2b
1e1bfbb50209ae8693353623fab7eeeef5ae1c0ca5d128a40c3be54099e59028
209f4b999af619d324b37cf0ac4850aa5cc1d3dd203fb0a08e662c1c7ae746a2
38068c6216d8cd0ebd227e767dea7b85b17c68ee40a2b32c20cb879ea225d274
3e31fcd40a8a22729a399d91613e089c4420778068b944585008530dfe3ee2f1
3e89824dcd4a1d958c6972134bfc50e0c8e4a76d6b47569d14fd7cba455c1f7f
3f90931d202074abe4b903d9cb3e988d4162c3d81f5699649797fa4b9192b97b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46ce792216c2dc29fb6916f55445b2721bdf65250a305805f3977fdcf2e2089c
48008fe20e3485aeb233a6fd6b1d9d1e5940aac6d4013fac3b053021aa7ec12f
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5974f3e14321d0ec1f7c319b096780b0216b0164285b48ed4fc33fdc828ef5da
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65ab88138addc28d874e25d1c3377151203e955745067e10d365199b0b08f197
6dc5a41a72f6c1b4148d0629284183a4db42a28fef188ff4d55d5872d0ea3561
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
7662bd2cb7034d86dc4bdb707af33dd9ca3198a95d392067ee3c0c9ffaffdf0e
90f6e5fa596da0ae7d0d5d5fef04f98ea73e1b6a178a78d8d04fc86c2762ff9a
92cf35ceeb7629a73d94d3aecd56ab48d166d162967f9274c6095bf409cc836e
9956057a5efbec89e62caaf9863ef0e92f2fd50061a28dfff635ff2d1ad4c881
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
a33bed90f38a462dc4fb1193ac06d52cc9f3fc79a4c771dbd3bd31bf09973e04
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
b1d198043c821530cb69153b3dd2b5abc3cd23e39fb9bce6fe2985c81167d252
bdb30bd9d9c4dbdc39ed3ebd82dc17b133650b8bfe9def8f5db56a8e5a953a15
c235f21017bcc11fcaa31d7dfd9855aaebcbf5f6d7ee9bf9f2e98a910907c391
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
c902ff18c7858648be03999d4022c40d66ad694ae218ea4b1558e74703b854a5
caec52356d28a445e7ad10d92d410b52fa537697b3b453ef1c01c65ec01ff86d
cb7ea7997cdc60138a2db106bd59a71f0e84b3e19b4b362d8e6a52406122c192
d0d7c9c8e398100c60b41833292522f27b1e6b12c057442536ff98995d90f08c
d9bafbaa07911d0596a806a1177da26c107f735052d28603bc5eb8fa0dc63b55
dd381edba22e18e9a5a6d70f5061a2df2aa601c586ff8ae6677a434404d05ede
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
f1249e3503b8a12598e09882e9ded38155ac212298143dec459ce6820c6d3f37
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
fa44ba5620fc182eb36d66b9dea560edeb23af9c3104647e39e2a4d3fabcf8cd
fcb70cd5b8090d9144eeef2f1665608ee4fa67dab1fd167f49af074a42b9101e

gaataxconsult.com Open in urlscan Pro 2606:4700::6810:fc2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

61 Requests

97 %HTTPS

71 %IPv6

13 Domains

19 Subdomains

18 IPs

2 Countries

1819 kBTransfer

5731 kBSize

24 Cookies

2 Outgoing links

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gaataxconsult.com Open in urlscan Pro
2606:4700::6810:fc2 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

97 %
HTTPS

71 %
IPv6

13
Domains

19
Subdomains

18
IPs

2
Countries

1819 kB
Transfer

5731 kB
Size

24
Cookies

61 HTTP transactions
1 data transactions