urlscan.io logo urlscan.io
SecurityTrails logo

clients.taxreductionlawyer.com Open in urlscan Pro
34.232.204.208  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://clients.taxreductionlawyer.com/
Effective URL: https://clients.taxreductionlawyer.com/login
Submission: On January 06 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 6 countries across 20 domains to perform 39 HTTP transactions. The main IP is 34.232.204.208, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is clients.taxreductionlawyer.com.
TLS certificate: Issued by Amazon on March 12th 2019. Valid for: a year.
This is the only time clients.taxreductionlawyer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 10 34.232.204.208 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 35.190.35.221 15169 (GOOGLE)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 147.75.85.99 54825 (PACKET)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 143.204.101.106 16509 (AMAZON-02)
1 13.224.196.83 16509 (AMAZON-02)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
4 35.184.35.160 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
1 147.75.85.119 54825 (PACKET)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2600:9000:215... 16509 (AMAZON-02)
1 147.75.101.51 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
1 151.101.14.110 54113 (FASTLY)
2 162.247.242.18 23467 (NEWRELIC-...)
39 22
10    34.232.204.208 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-232-204-208.compute-1.amazonaws.com
clients.taxreductionlawyer.com
2    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
2    35.190.35.221 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 221.35.190.35.bc.googleusercontent.com
web-sdk.aptrinsic.com
3    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a02:26f0:10c:399::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
sjs.bizographics.com
1    147.75.85.99 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-5
static.hotjar.com
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    143.204.101.106 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-101-106.fra50.r.cloudfront.net
checkout.stripe.com
1    13.224.196.83 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-13-224-196-83.fra2.r.cloudfront.net
script.tapfiliate.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
4    35.184.35.160 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 160.35.184.35.bc.googleusercontent.com
esp.aptrinsic.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)
www.linkedin.com
1    147.75.85.119 (Parsippany, United States)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-2
script.hotjar.com
1    2606:4700:20::6819:4211 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
widget.getgist.com
2    2600:9000:2156:ca00:c:7018:1040:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
dyr2dbqz8u9mp.cloudfront.net
1    147.75.101.51 (Central, Hong Kong)

ASN54825 (PACKET - Packet Host, Inc., US)
PTR: pkt-ams-k1-7
vars.hotjar.com
1    2a00:1450:4001:815::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
1    2600:9000:2156:5a00:1a:3012:2940:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
d258lu9myqkejp.cloudfront.net
1    151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
js-agent.newrelic.com
2    162.247.242.18 (San Francisco, United States)

ASN23467 (NEWRELIC-AS-1 - New Relic, US)
PTR: bam-6.nr-data.net
bam.nr-data.net
Domain Requested by
10 clients.taxreductionlawyer.com 2 redirects clients.taxreductionlawyer.com
4 esp.aptrinsic.com clients.taxreductionlawyer.com
3 www.google-analytics.com 2 redirects www.googletagmanager.com
2 bam.nr-data.net clients.taxreductionlawyer.com
2 dyr2dbqz8u9mp.cloudfront.net clients.taxreductionlawyer.com
dyr2dbqz8u9mp.cloudfront.net
2 px.ads.linkedin.com 1 redirects clients.taxreductionlawyer.com
2 www.facebook.com clients.taxreductionlawyer.com
2 www.google.de clients.taxreductionlawyer.com
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 web-sdk.aptrinsic.com clients.taxreductionlawyer.com
2 connect.facebook.net clients.taxreductionlawyer.com
connect.facebook.net
2 www.googletagmanager.com clients.taxreductionlawyer.com
1 js-agent.newrelic.com clients.taxreductionlawyer.com
1 d258lu9myqkejp.cloudfront.net clients.taxreductionlawyer.com
1 fonts.gstatic.com clients.taxreductionlawyer.com
1 vars.hotjar.com clients.taxreductionlawyer.com
1 widget.getgist.com 1 redirects
1 script.hotjar.com clients.taxreductionlawyer.com
1 www.linkedin.com 1 redirects
1 fonts.googleapis.com clients.taxreductionlawyer.com
1 script.tapfiliate.com clients.taxreductionlawyer.com
1 checkout.stripe.com clients.taxreductionlawyer.com
1 static.hotjar.com www.googletagmanager.com
1 sjs.bizographics.com www.googletagmanager.com
39 25

This site contains no links.

Subject Issuer Validity Valid
taxdome.com
Amazon		 2019-03-12 -
2020-04-12		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-12-06 -
2020-03-05		 3 months crt.sh
*.aptrinsic.com
GeoTrust RSA CA 2018		 2019-03-13 -
2021-03-21		 2 years crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA		 2018-04-13 -
2020-04-17		 2 years crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2019-12-05 -
2020-03-04		 3 months crt.sh
www.google.de
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2019-11-08 -
2020-03-03		 4 months crt.sh
tapfiliate.com
Amazon		 2019-10-23 -
2020-11-23		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2021-06-29		 2 years crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2019-12-05 -
2020-03-04		 3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2019-12-05 -
2020-03-04		 3 months crt.sh
*.google.com
GTS CA 1O1		 2019-12-03 -
2020-02-25		 3 months crt.sh
f4.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-04-10 -
2020-03-21		 a year crt.sh
*.nr-data.net
GeoTrust RSA CA 2018		 2018-01-11 -
2020-03-17		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://clients.taxreductionlawyer.com/login
Frame ID: B3C91F981E7ECC37B903586AB3C372EE
Requests: 36 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Frame ID: DB9CD10F72C7135C0A2F1661C9D55A1D
Requests: 1 HTTP requests in this frame

Frame: https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-yzowmzi2m3.min.js
Frame ID: 62BC8A9B4D769C6BC983C38B40FFC087
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://clients.taxreductionlawyer.com/ HTTP 302
    http://clients.taxreductionlawyer.com/login HTTP 301
    https://clients.taxreductionlawyer.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

39
Requests

77 %
HTTPS

60 %
IPv6

20
Domains

25
Subdomains

22
IPs

6
Countries

1930 kB
Transfer

8390 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://clients.taxreductionlawyer.com/ HTTP 302
    http://clients.taxreductionlawyer.com/login HTTP 301
    https://clients.taxreductionlawyer.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1173956513&t=pageview&_s=1&dl=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&ul=en-us&de=UTF-8&dt=TaxDome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=744839680&gjid=1505264224&cid=1940409205.1578327367&tid=UA-18458382-3&_gid=1733487910.1578327367&_r=1&gtm=2oic61&z=1799545348 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_gid=1733487910.1578327367&gjid=1505264224&_v=j79&z=1799545348 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_v=j79&z=1799545348 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_v=j79&z=1799545348&slf_rd=1&random=3063339529
Request Chain 9
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1173956513&t=pageview&_s=1&dl=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&ul=en-us&de=UTF-8&dt=TaxDome&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUAB~&jid=165465592&gjid=1775620211&cid=1940409205.1578327367&tid=UA-18458382-3&_gid=1733487910.1578327367&_r=1&gtm=2wgc61TM6437G&z=2139398820 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_gid=1733487910.1578327367&gjid=1775620211&_v=j79&z=2139398820 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_v=j79&z=2139398820 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_v=j79&z=2139398820&slf_rd=1&random=142417560
Request Chain 21
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1420801&url=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&time=1578327367225 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1420801%26url%3Dhttps%253A%252F%252Fclients.taxreductionlawyer.com%252Flogin%26time%3D1578327367225%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1420801&url=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&time=1578327367225&liSync=true
Request Chain 26
  • https://widget.getgist.com/ HTTP 302
  • https://dyr2dbqz8u9mp.cloudfront.net/gist-4a5c33e1cf.min.js

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
clients.taxreductionlawyer.com/
Redirect Chain
  • https://clients.taxreductionlawyer.com/
  • http://clients.taxreductionlawyer.com/login
  • https://clients.taxreductionlawyer.com/login
41 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
1872e4590ffde767aabd0c3ad3b59f25b224ea4276ddf0193e69fc850f5ce5a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
clients.taxreductionlawyer.com
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
cookie
AWSALB=oF6zA/XFgw4oHldo+NMlBiNS5/TVltd0oT6S3d16ClV1KeKuL6vU0D7DAAcilWp3JFxXGUfTi1Za2YuB8fydnAYu1zWKDIKji7WeQuEz32eakhxsC7aCPSdSPnuK
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Mon, 06 Jan 2020 16:16:06 GMT
content-type
text/html; charset=utf-8
set-cookie
AWSALB=KH3cODnXjKGHljgN/TtTQZmLCReHT6Exo6SnjdFsfdZXt8pOlg0Oq3x5JBnk3k/gx5YHKiWiOKO6vLRmxL1E3sYb60fk3gWOLBZtLdU2DD99gajEaeO24pzbtUi8; Expires=Mon, 13 Jan 2020 16:16:06 GMT; Path=/ _td_app_session=5ad39abd0a62cf3e48ab0288b3c6633b; domain=clients.taxreductionlawyer.com; path=/; secure; HttpOnly
server
nginx/1.13.8
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
referrer-policy
strict-origin-when-cross-origin
etag
W/"1872e4590ffde767aabd0c3ad3b59f25"
cache-control
max-age=0, private, must-revalidate
x-request-id
9670a782-33a0-4d32-ae90-8042e5844034
x-runtime
0.088235

Redirect headers

Date
Mon, 06 Jan 2020 16:16:06 GMT
Content-Type
text/html
Content-Length
185
Connection
keep-alive
Server
nginx/1.13.8
Location
https://clients.taxreductionlawyer.com/login
js
www.googletagmanager.com/gtag/ 		73 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
57da12518216a63558d60784d7ccf682a7d2d0881808bda073fc3d5ce9887159
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:06 GMT
content-encoding
br
last-modified
Mon, 06 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
27807
x-xss-protection
0
expires
Mon, 06 Jan 2020 16:16:06 GMT
gtm.js
www.googletagmanager.com/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TM6437G
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
84c9e8aeb1e79819fd1bc3589130343d5c943b6672dfee04aa6d56673b8fe63c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:06 GMT
content-encoding
br
last-modified
Mon, 06 Jan 2020 15:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24462
x-xss-protection
0
expires
Mon, 06 Jan 2020 16:16:06 GMT
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30426
x-xss-protection
0
pragma
public
x-fb-debug
kMw001vtk3gWVr5VMBSxUypAw31W0y3XgoRoc8Eyd16612dxnam2kTX6bCHl97OaOMzPDjRSxhn0imt00URpxA==
x-fb-trip-id
1850256238
date
Mon, 06 Jan 2020 16:16:06 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
aptrinsic.js
web-sdk.aptrinsic.com/api/ 		364 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web-sdk.aptrinsic.com/api/aptrinsic.js?a=AP-CKXYJOVHAI8N-2
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.35.221 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
221.35.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
3eaea57e9e0ad5cb5fd17dc30e15076acae49715df0d2e963f177cfc43fbdad1

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Jan 2020 16:16:06 GMT
content-encoding
gzip
last-modified
Wed, 25 Dec 2019 15:42:46 GMT
server
nginx
age
0
etag
W/"5e038376-5af2e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=300,public
alt-svc
clear
content-length
120284
via
1.1 google
expires
Mon, 06 Jan 2020 16:21:06 GMT
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2272
date
Mon, 06 Jan 2020 15:38:14 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Mon, 06 Jan 2020 17:38:14 GMT
353139908741297
connect.facebook.net/signals/config/ 		447 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/353139908741297?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
d6f301675910dbeaf332113367a02f287057fdc21c0df6a26712696b82dc49ac
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
qq7NVfkPMnPk5RNVdJef56CmqUpycr4zEhjPM1sMVszC7DgX3EDx6lp0eWrSvke8CkkgbmcKSkgNGCQRbG9YPw==
x-fb-trip-id
1850256238
date
Mon, 06 Jan 2020 16:16:06 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
insight.min.js
sjs.bizographics.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM6437G
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:399::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date
Mon, 06 Jan 2020 16:16:07 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=44021
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
hotjar-1466988.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1466988.js?sv=5
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TM6437G
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.85.99 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-5
Software
openresty /
Resource Hash
cf017731018f52abcaa466dd6a44cd08abf5eb11501631ba3e5a4ad0f7fb7686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
0
status
200
access-control-max-age
600
section-io-cache
Miss
x-cache-hit
1
server
openresty
x-frame-options
SAMEORIGIN
etag
W/cecb453c8e4820d375be047f6e3b5b9f
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.025
accept-ranges
bytes
section-io-id
9f2b50a7fe7735de2e499c7630ab2ddc
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1173956513&t=pageview&_s=1&dl=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&ul=en-us&de=UTF-8&dt=TaxDome&sd=24-bit&sr=1600x1200&vp=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_gid=1733487910.1578327367&gjid=1505264224&_v=j79&z=1799545348
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_v=j79&z=1799545348
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_v=j79&z=1799545348&slf_rd=1&random=3063339529
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_v=j79&z=1799545348&slf_rd=1&random=3063339529
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jan 2020 16:16:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Jan 2020 16:16:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=744839680&_v=j79&z=1799545348&slf_rd=1&random=3063339529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1173956513&t=pageview&_s=1&dl=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&ul=en-us&de=UTF-8&dt=TaxDome&sd=24-bit&sr=1600x1200&vp=160...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_gid=1733487910.1578327367&gjid=1775620211&_v=j79&z=2139398820
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_v=j79&z=2139398820
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_v=j79&z=2139398820&slf_rd=1&random=142417560
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_v=j79&z=2139398820&slf_rd=1&random=142417560
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 06 Jan 2020 16:16:07 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 06 Jan 2020 16:16:07 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-18458382-3&cid=1940409205.1578327367&jid=165465592&_v=j79&z=2139398820&slf_rd=1&random=142417560
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
static-d3790250.chunk.css
clients.taxreductionlawyer.com/packs/css/ 		74 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://clients.taxreductionlawyer.com/packs/css/static-d3790250.chunk.css
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
69d428d259b24c0a93e4b5495807454053dddd38de7043401fc6ff835dc1d1c5

Request headers

Referer
https://clients.taxreductionlawyer.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:06 GMT
content-encoding
gzip
last-modified
Sat, 04 Jan 2020 21:16:53 GMT
server
nginx/1.13.8
etag
"5e1100c5-38f4"
content-type
text/css
status
200
cache-control
max-age=315360000, public
content-length
14580
expires
Thu, 31 Dec 2037 23:55:55 GMT
checkout.js
checkout.stripe.com/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout.stripe.com/checkout.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.106 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-101-106.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b8049906fd2682c7c7d711936e0d246ab2ae730d4ffc5798db50f15ae59ef771
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;
Strict-Transport-Security max-age=31556926; includeSubDomains; preload

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31556926; includeSubDomains; preload
content-encoding
gzip
age
60
x-cache
Hit from cloudfront
status
200
last-modified
Fri, 20 Dec 2019 22:45:56 GMT
server
AmazonS3
date
Mon, 06 Jan 2020 16:15:06 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
cache-control
no-cache
content-security-policy
default-src 'self'; connect-src 'self' https://api.stripe.com wss://verificator.stripe.com wss://verificator-main.stripe.com https://*.stripecdn.com https://errors.stripe.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://js.stripe.com https://*.stripecdn.com https://stripecdn.com https://api.stripe.com https://maps.googleapis.com https://maps.gstatic.com; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.stripecdn.com; frame-src 'self' stripecheckout: bitcoin: https://*.stripecdn.com https://js.stripe.com; img-src * data:; font-src 'none'; media-src 'none'; object-src 'self' https://*.stripecdn.com;
x-amz-cf-pop
FRA50-C1
timing-allow-origin
*
x-amz-cf-id
FHsqganFcMYwRyAtULX6NtSm1A1lYs0cBv2nYdxkeJaJrMZrgnT2hg==
application-e1511a2cf042fcd1e994a74dd6df0f7f2e669c39e10ba5cd4024ded312b44aac.js
clients.taxreductionlawyer.com/assets/ 		107 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.taxreductionlawyer.com/assets/application-e1511a2cf042fcd1e994a74dd6df0f7f2e669c39e10ba5cd4024ded312b44aac.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
f2afaf8a0077eacfaf58e2d6beadf08610de47c4c512f9490c37dbb4b91a8112

Request headers

Referer
https://clients.taxreductionlawyer.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:06 GMT
content-encoding
gzip
last-modified
Sat, 04 Jan 2020 21:14:25 GMT
server
nginx/1.13.8
etag
"5e110031-2903"
content-type
application/javascript
status
200
cache-control
max-age=315360000, public
content-length
10499
expires
Thu, 31 Dec 2037 23:55:55 GMT
runtime~application-5bbcaabe43f55841ebb1.js
clients.taxreductionlawyer.com/packs/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.taxreductionlawyer.com/packs/js/runtime~application-5bbcaabe43f55841ebb1.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
7dfbca9f0a2f035654648a9075c3c602d2e7aeb490acefb7b71fc404aa204aed

Request headers

Referer
https://clients.taxreductionlawyer.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:06 GMT
content-encoding
gzip
last-modified
Sat, 04 Jan 2020 21:16:53 GMT
server
nginx/1.13.8
etag
"5e1100c5-311"
content-type
application/javascript
status
200
cache-control
max-age=315360000, public
content-length
785
expires
Thu, 31 Dec 2037 23:55:55 GMT
0-b71138f5f70bc9fb60d2.chunk.js
clients.taxreductionlawyer.com/packs/js/ 		111 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.taxreductionlawyer.com/packs/js/0-b71138f5f70bc9fb60d2.chunk.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
4e16d80a6cf02c5b6efbdb2002d771fc3134ce65f7bc6e1977c66760c219f415

Request headers

Referer
https://clients.taxreductionlawyer.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:07 GMT
content-encoding
gzip
last-modified
Sat, 04 Jan 2020 21:16:53 GMT
server
nginx/1.13.8
etag
"5e1100c5-8e99"
content-type
application/javascript
status
200
cache-control
max-age=315360000, public
content-length
36505
expires
Thu, 31 Dec 2037 23:55:55 GMT
1-2e109d1446c1ef20ae98.chunk.js
clients.taxreductionlawyer.com/packs/js/ 		280 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.taxreductionlawyer.com/packs/js/1-2e109d1446c1ef20ae98.chunk.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
21bd2cce466353ae707b08da1c6a2a9da7b87c8faa734ce1b1e38295250ff4d2

Request headers

Referer
https://clients.taxreductionlawyer.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:07 GMT
content-encoding
gzip
last-modified
Sat, 04 Jan 2020 21:16:53 GMT
server
nginx/1.13.8
etag
"5e1100c5-158b9"
content-type
application/javascript
status
200
cache-control
max-age=315360000, public
content-length
88249
expires
Thu, 31 Dec 2037 23:55:55 GMT
application-f9561742a4526bd2252b.chunk.js
clients.taxreductionlawyer.com/packs/js/ 		4 MB
907 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://clients.taxreductionlawyer.com/packs/js/application-f9561742a4526bd2252b.chunk.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.13.8 /
Resource Hash
cb14d1755c550eb91902ca7ed96960a0e9c7b9fe72a722b857ea010f9f775e3d

Request headers

Referer
https://clients.taxreductionlawyer.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:07 GMT
content-encoding
gzip
last-modified
Sat, 04 Jan 2020 21:16:53 GMT
server
nginx/1.13.8
etag
"5e1100c5-e25d8"
content-type
application/javascript
status
200
cache-control
max-age=315360000, public
content-length
927192
expires
Thu, 31 Dec 2037 23:55:55 GMT
tapfiliate.js
script.tapfiliate.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.tapfiliate.com/tapfiliate.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.224.196.83 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-13-224-196-83.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
728baba1702f6b4f2649f3796c839e3fd38c70afda3336aa791033de6f93ed13

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 15:59:56 GMT
content-encoding
gzip
last-modified
Tue, 23 Jul 2019 12:31:48 GMT
server
AmazonS3
age
972
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
status
200
cache-control
max-age=1200, public
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
IwIkAqvmcNv0xzJ88qPCiiTwaVhSASfsa1ebcQA1caWPfCuFxhezmg==
via
1.1 3df1d6f6e1999cb29078ddff1a62bd1d.cloudfront.net (CloudFront)
/
www.facebook.com/tr/ 		44 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=353139908741297&ev=PageView&dl=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&rl=&if=false&ts=1578327366815&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1578327366815.1834441445&it=1578327366694&coo=false&rqm=GET
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:07 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 06 Jan 2020 16:16:07 GMT
css
fonts.googleapis.com/ 		8 KB
777 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
a8e72cf05f59059617b19f27f4079c463d28bff2aef2766f67d49bdfcb829b6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Mon, 06 Jan 2020 16:16:06 GMT
server
ESF
access-control-allow-origin
*
date
Mon, 06 Jan 2020 16:16:06 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Mon, 06 Jan 2020 16:16:06 GMT
AP-CKXYJOVHAI8N-2
esp.aptrinsic.com/rte/v1/configuration/ 		829 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://esp.aptrinsic.com/rte/v1/configuration/AP-CKXYJOVHAI8N-2
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.184.35.160 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.35.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0950eaacb66f02914205c5c597f688a09229e5aa2c2a0c97e9af2623f8d36ef3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://clients.taxreductionlawyer.com/
Origin
https://clients.taxreductionlawyer.com

Response headers

Pragma
no-cache
Date
Mon, 06 Jan 2020 16:16:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://clients.taxreductionlawyer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Vary
Origin
X-XSS-Protection
1; mode=block
X-Application-Context
application:prod
Expires
0
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1420801&url=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&time=1578327367225
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D1420801%26url%3Dhttps%253A%252F%252Fclients.taxreductionlawyer.com%252Flogin%26ti...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1420801&url=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&time=1578327367225&liSync=true
0
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1420801&url=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&time=1578327367225&liSync=true
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:08 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
KrB2CGFY5xVgL1YENisAAA==

Redirect headers

date
Mon, 06 Jan 2020 16:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
302
x-li-pop
prod-efr5
content-length
20
x-li-uuid
6Lhk/GBY5xWQHg9iQisAAA==
pragma
no-cache
server
Play
x-frame-options
sameorigin
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
vary
Accept-Encoding
strict-transport-security
max-age=2592000
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=1420801&url=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&time=1578327367225&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
style.css
web-sdk.aptrinsic.com/ 		48 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://web-sdk.aptrinsic.com/style.css?a=AP-CKXYJOVHAI8N-2
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.35.221 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
221.35.190.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
ed8f3e0cd2baf415549f524af358045cfcab46e287a98ccd3684160ea3937698

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
public
date
Mon, 06 Jan 2020 16:16:07 GMT
content-encoding
gzip
last-modified
Tue, 03 Dec 2019 13:30:16 GMT
server
nginx
age
0
etag
W/"5de66368-bee2"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=300,public
alt-svc
clear
content-length
8669
via
1.1 google
expires
Mon, 06 Jan 2020 16:21:07 GMT
command
esp.aptrinsic.com/rte/v1/ 		49 B
507 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://esp.aptrinsic.com/rte/v1/command?v=AP-CKXYJOVHAI8N-2-1578327367285-14389999&ai=AP-CKXYJOVHAI8N-2-1578327367285-14389999&vt=0&p=AP-CKXYJOVHAI8N-2&s=AP-CKXYJOVHAI8N-2-1578327367286-38749772&et=sessionInitialized&rf&sc=https%3A%2F%2F&ho=clients.taxreductionlawyer.com&pa=%2Flogin&q&ha&sch=1200&scw=1600&pt=TaxDome&cb=1578327367288-2771
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.184.35.160 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.35.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d5f5fe7ec37e7baa1ac08526bc210b9723dc59b6d96026783f056a11a468799f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://clients.taxreductionlawyer.com/
Origin
https://clients.taxreductionlawyer.com

Response headers

Date
Mon, 06 Jan 2020 16:16:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://clients.taxreductionlawyer.com
Cache-Control
no-cache
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Vary
Origin
X-XSS-Protection
1; mode=block
X-Application-Context
application:prod
log
esp.aptrinsic.com/rte/v1/error/ 		0
449 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://esp.aptrinsic.com/rte/v1/error/log
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.184.35.160 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.35.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://clients.taxreductionlawyer.com/
Origin
https://clients.taxreductionlawyer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Pragma
no-cache
Date
Mon, 06 Jan 2020 16:16:07 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://clients.taxreductionlawyer.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
X-XSS-Protection
1; mode=block
X-Application-Context
application:prod
Expires
0
modules.297b225e0b92ebb96f25.js
script.hotjar.com/ 		399 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.297b225e0b92ebb96f25.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.85.119 Parsippany, United States, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-2
Software
/
Resource Hash
22c9a8794bf1aaa708de201b175d9646730455c0c1d93ee6aaccfc107c1c931b

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:07 GMT
content-encoding
br
content-type
application/javascript
age
1475696
status
200
section-io-cache
Hit
content-length
71091
last-modified
Fri, 20 Dec 2019 14:18:08 GMT
etag
"7931ada42a878715cd638bda9c462ac3"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.023
accept-ranges
bytes
section-io-id
e9bb924d17c473fd877bae8431c32824
gist-4a5c33e1cf.min.js
dyr2dbqz8u9mp.cloudfront.net/
Redirect Chain
  • https://widget.getgist.com/
  • https://dyr2dbqz8u9mp.cloudfront.net/gist-4a5c33e1cf.min.js
161 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dyr2dbqz8u9mp.cloudfront.net/gist-4a5c33e1cf.min.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:ca00:c:7018:1040:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c7f35abef2c78af39b1ba3058aa52426ea6c0a5e2b630a100f184d1bca730e99

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 11:03:23 GMT
content-encoding
gzip
last-modified
Mon, 06 Jan 2020 10:59:15 GMT
server
AmazonS3
age
18765
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
qAmcZWqQ4NMv5e8p4FzkkEcy5sGxbk5MkYzMQUHAM4E1Huz93gphvA==
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)

Redirect headers

date
Mon, 06 Jan 2020 16:16:07 GMT
server
cloudflare
location
https://dyr2dbqz8u9mp.cloudfront.net/gist-4a5c33e1cf.min.js
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
status
302
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
550efea0893ac29a-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
box-b736908ce6b0e933fad3a2e45df61b38.html
vars.hotjar.com/ Frame DB9C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-b736908ce6b0e933fad3a2e45df61b38.html
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.101.51 Central, Hong Kong, ASN54825 (PACKET - Packet Host, Inc., US),
Reverse DNS
pkt-ams-k1-7
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-b736908ce6b0e933fad3a2e45df61b38.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://clients.taxreductionlawyer.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://clients.taxreductionlawyer.com/

Response headers

status
200
date
Mon, 06 Jan 2020 16:16:07 GMT
content-type
text/html
content-length
808
last-modified
Tue, 17 Dec 2019 11:49:59 GMT
etag
"ed7551919779fd07dbfe6d776c643379"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.086
age
1657495
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
ea46f87ff2602a8cf1eb46968c7e1668
favicon.ico
clients.taxreductionlawyer.com/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://clients.taxreductionlawyer.com/favicon.ico
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.204.208 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-204-208.compute-1.amazonaws.com
Software
nginx/1.17.4 /
Resource Hash
5a010f1ca00fc1b8a18d98aca814b4e4823e68a8416b15e6c0fe624f6343ed18

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://clients.taxreductionlawyer.com/login
Origin
https://clients.taxreductionlawyer.com

Response headers

date
Mon, 06 Jan 2020 16:16:07 GMT
last-modified
Sat, 04 Jan 2020 21:02:46 GMT
server
nginx/1.17.4
etag
"5e10fd76-3aee"
content-type
image/x-icon
status
200
accept-ranges
bytes
content-length
15086
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
fonts.gstatic.com/s/sourcesanspro/v13/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v13/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7lujVj9w.woff2
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700
Origin
https://clients.taxreductionlawyer.com

Response headers

date
Wed, 20 Nov 2019 04:42:53 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:19 GMT
server
sffe
age
4102394
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13324
x-xss-protection
0
expires
Thu, 19 Nov 2020 04:42:53 GMT
project_o3ylscva.txt
d258lu9myqkejp.cloudfront.net/projects/settings_data/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d258lu9myqkejp.cloudfront.net/projects/settings_data/project_o3ylscva.txt
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:5a00:1a:3012:2940:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2c813afa42890a3cfface3729bab55c655f8926f4582a95b973d3cc9cdb782bf

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://clients.taxreductionlawyer.com/
Origin
https://clients.taxreductionlawyer.com

Response headers

date
Mon, 06 Jan 2020 16:16:09 GMT
content-encoding
gzip
last-modified
Mon, 06 Jan 2020 16:09:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
status
200
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
access-control-max-age
3000
x-cache
Miss from cloudfront
x-amz-cf-id
9u49o-aIljHsplzgxvgX_G-VVnn2YCqlAu0-lK7LaZU5OSx-nXCrVA==
via
1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
bundle-yzowmzi2m3.min.js
dyr2dbqz8u9mp.cloudfront.net/messenger/ Frame 62BC 		1 MB
306 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-yzowmzi2m3.min.js
Requested by
Host: dyr2dbqz8u9mp.cloudfront.net
URL: https://dyr2dbqz8u9mp.cloudfront.net/gist-4a5c33e1cf.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:2156:ca00:c:7018:1040:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7ec30cafe79e0f5fb5d5ab15c4acd96ea58ad405b7a1644d53faf92a4e311086

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Fri, 03 Jan 2020 11:29:07 GMT
content-encoding
gzip
last-modified
Fri, 03 Jan 2020 11:07:58 GMT
server
AmazonS3
age
276421
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
max-age=31536000,public
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
vzlmefQybFf9eRh7lLWfwyfeXGE9_DoQ3gjuVvVKqB44aBp-mJaDow==
via
1.1 58bcd6f2e1bc29fb83f080f1743cfeca.cloudfront.net (CloudFront)
12db7734-1c61-45eb-891f-7f6ecad2ca3f
https://clients.taxreductionlawyer.com/ Frame 62BC 		46 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://clients.taxreductionlawyer.com/12db7734-1c61-45eb-891f-7f6ecad2ca3f
Requested by
Host: dyr2dbqz8u9mp.cloudfront.net
URL: https://dyr2dbqz8u9mp.cloudfront.net/messenger/bundle-yzowmzi2m3.min.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
df76dafabd6bd06047d838af2a30d4a67294178305ddf580a003e00b29c9a7f7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Length
47344
Content-Type
text/css
inapp
esp.aptrinsic.com/rte/v1/ 		0
381 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://esp.aptrinsic.com/rte/v1/inapp?v=AP-CKXYJOVHAI8N-2-1578327367285-14389999&ai=AP-CKXYJOVHAI8N-2-1578327367285-14389999&vt=0&p=AP-CKXYJOVHAI8N-2&s=AP-CKXYJOVHAI8N-2-1578327367286-38749772&cb=1578327368040-3713
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.184.35.160 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
160.35.184.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://clients.taxreductionlawyer.com/
Origin
https://clients.taxreductionlawyer.com

Response headers

Date
Mon, 06 Jan 2020 16:16:08 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-Frame-Options
DENY
Access-Control-Allow-Origin
https://clients.taxreductionlawyer.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
X-XSS-Protection
1; mode=block
X-Application-Context
application:prod
/
www.facebook.com/tr/ 		44 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=353139908741297&ev=Microdata&dl=https%3A%2F%2Fclients.taxreductionlawyer.com%2Flogin&rl=&if=false&ts=1578327368320&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22TaxDome%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1578327366815.1834441445&it=1578327366694&coo=false&es=automatic&tm=3&rqm=GET
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:08 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Mon, 06 Jan 2020 16:16:08 GMT
nr-spa-1158.min.js
js-agent.newrelic.com/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1158.min.js
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f23cae2aad5f0e9b235bdc77e700f6fa80cb929c6de287cc9069ad946185e23b

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Mon, 06 Jan 2020 16:16:08 GMT
content-encoding
gzip
x-amz-request-id
3D4575CA7FB3AF74
x-cache
HIT
status
200
content-length
13779
x-amz-id-2
HfTYDYWFAaW9VwhSu1ylxZRXdYIY8LoVvOm1vfCMdXWerC58CVeekULppTpqwvaeAAw1XpoCORg=
x-served-by
cache-fra19131-FRA
last-modified
Wed, 18 Dec 2019 00:24:15 GMT
server
AmazonS3
x-timer
S1578327368.464513,VS0,VE0
etag
"fd44bd873ae6cbbe691aec0e41f49977"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
2100
d41ef22d67
bam.nr-data.net/1/ 		57 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/1/d41ef22d67?a=139154831&v=1158.afc605b&to=cVZeTBANWglTRhkVBFAWXFcFC1gWGUdeDRY%3D&rst=2676&ref=https://clients.taxreductionlawyer.com/login&ap=67&be=934&fe=2587&dc=1907&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1578327365815,%22n%22:0,%22f%22:627,%22dn%22:627,%22dne%22:627,%22c%22:627,%22ce%22:627,%22rq%22:627,%22rp%22:828,%22rpe%22:932,%22dl%22:831,%22di%22:1907,%22ds%22:1907,%22de%22:1908,%22dc%22:2586,%22l%22:2586,%22le%22:2587%7D,%22navigation%22:%7B%7D%7D&fp=1958&fcp=2028&jsonp=NREUM.setToken
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer
https://clients.taxreductionlawyer.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type
text/javascript;charset=ISO-8859-1
Content-Length
57
Expires
Thu, 01 Jan 1970 00:00:00 GMT
d41ef22d67
bam.nr-data.net/events/1/ 		24 B
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bam.nr-data.net/events/1/d41ef22d67?a=139154831&v=1158.afc605b&to=cVZeTBANWglTRhkVBFAWXFcFC1gWGUdeDRY%3D&rst=12676&ref=https://clients.taxreductionlawyer.com/login
Requested by
Host: clients.taxreductionlawyer.com
URL: https://clients.taxreductionlawyer.com/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.247.242.18 San Francisco, United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-6.nr-data.net
Software
/
Resource Hash
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300

Request headers

Referer
https://clients.taxreductionlawyer.com/
Origin
https://clients.taxreductionlawyer.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
content-type
text/plain

Response headers

Access-Control-Allow-Origin
https://clients.taxreductionlawyer.com
Access-Control-Allow-Credentials
true
Content-Length
24
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

125 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| SENTRY_INIT_CONFIG function| gtag object| dataLayer function| fbq function| _fbq function| aptrinsic object| NREUM object| google_tag_manager string| GoogleAnalyticsObject function| ga string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email function| hj object| _hjSettings object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| newrelic function| __nr_require object| gon object| StripeCheckout object| StripeButton function| guideEditor object| ActionCable object| App object| Routes object| webpackJsonp function| lintrk boolean| _already_called_lintrk object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled function| setImmediate function| clearImmediate object| regeneratorRuntime object| __SENTRY__ string| TapfiliateObject function| tap object| gist object| s object| e object| urlParams boolean| favIconScriptLoad boolean| isFaviconPresent object| gtIpAddressDetails boolean| gtIpAddressAPIInitiateFlag boolean| gtFormSubmitStatus string| subDomain object| closedFormAjaxCallCount object| gtFixedElementDetails string| gtChatInterval string| identifyClearInterval string| gtLeadBotInterval boolean| gtPromptInitiated boolean| gtPersonCreated boolean| gtInitialScrollEvent boolean| notificationChatOpen string| gtPageOriginalTitle number| pageLoadTime object| gtProjectSetting string| officeHoursOnline boolean| trackPageViewCalled boolean| officeHoursInitiated boolean| chatPromptInitiated string| gtBrowserLanguage boolean| gtSegmentsCalled object| gtPersonSegmentsArray boolean| gtChatReadAtPageLoad string| kbSettings boolean| kbViewStatus object| convertLinkOptionSecretArray object| convertLinkOptionArray object| gtFormsData boolean| formOpenedViaClick boolean| chatiframeInitiated object| gtPromptDetails boolean| isChatHtmlRendered boolean| isQueryParamsCompleted boolean| isGtChatReady object| gtPageScrollPosition boolean| gtWindowResize number| gtUserType number| gtChatBottom number| gtChatRight object| gtChatLeft string| gtLauncherPosition string| gtWindowLocation boolean| gtPageIdeal boolean| gtReactChatIframeLoaded boolean| gtMobileCssLoaded object| gtLiveViewIntervals object| gtIdealIntervals object| defaultAllowedDomains string| gtAwsUrl function| Favico object| cfFavicon function| iframeContentLoad object| cfMath object| cfDefaultHost function| _cfVisualisationMode function| _cfFormView function| _cfIframeChat function| _formShowConditionPlugin function| _cfCommonFunctions boolean| cfAdBlockEnabled function| gtGist object| gtTemp object| convertfox object| gtGistReady object| initGistChat object| gtGistChatReady object| alreadyExecutedFunctions object| params object| tempThis string| cfChatAreaOpen object| liveForms

11 Cookies

Domain/Path Name / Value
clients.taxreductionlawyer.com/ Name: timezone_offset
Value: -60
.taxreductionlawyer.com/ Name: apt.sid
Value: AP-CKXYJOVHAI8N-2-1578327367286-38749772
.taxreductionlawyer.com/ Name: _fbp
Value: fb.1.1578327366815.1834441445
.taxreductionlawyer.com/ Name: _gat_UA-18458382-3
Value: 1
clients.taxreductionlawyer.com/ Name: AWSALB
Value: 8IxvAOT22xZNn4ZNtsKP5ejN09rKhWzNU9Dv+U5XsbEy2bZVSDM4A6eI4f/Gz1mDzlCUVhIHGeYZ2qR7f5aShgci+EeFUBeb5Cq8yXRYzURwqAflYEu5L9qVe7X2
.taxreductionlawyer.com/ Name: apt.uid
Value: AP-CKXYJOVHAI8N-2-1578327367285-14389999.0.0
.taxreductionlawyer.com/ Name: _gat_gtag_UA_18458382_3
Value: 1
.taxreductionlawyer.com/ Name: _gid
Value: GA1.2.1733487910.1578327367
.taxreductionlawyer.com/ Name: _ga
Value: GA1.2.1940409205.1578327367
.taxreductionlawyer.com/ Name: _hjid
Value: d82bc771-b346-4e2d-8a87-7fbf2c6ba536
.clients.taxreductionlawyer.com/ Name: _td_app_session
Value: 5ad39abd0a62cf3e48ab0288b3c6633b

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
checkout.stripe.com
clients.taxreductionlawyer.com
connect.facebook.net
d258lu9myqkejp.cloudfront.net
dyr2dbqz8u9mp.cloudfront.net
esp.aptrinsic.com
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
px.ads.linkedin.com
script.hotjar.com
script.tapfiliate.com
sjs.bizographics.com
static.hotjar.com
stats.g.doubleclick.net
vars.hotjar.com
web-sdk.aptrinsic.com
widget.getgist.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
13.224.196.83
143.204.101.106
147.75.101.51
147.75.85.119
147.75.85.99
151.101.14.110
162.247.242.18
2600:9000:2156:5a00:1a:3012:2940:21
2600:9000:2156:ca00:c:7018:1040:21
2606:4700:20::6819:4211
2a00:1450:4001:815::2003
2a00:1450:4001:81d::2004
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:4001:824::200a
2a00:1450:4001:825::2003
2a00:1450:400c:c00::9b
2a02:26f0:10c:399::3adf
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
34.232.204.208
35.184.35.160
35.190.35.221
0950eaacb66f02914205c5c597f688a09229e5aa2c2a0c97e9af2623f8d36ef3
0c9cf152a0ad00d4f102c93c613c104914be5517ac8f8e0831727f8bfbe8b300
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1872e4590ffde767aabd0c3ad3b59f25b224ea4276ddf0193e69fc850f5ce5a6
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
21bd2cce466353ae707b08da1c6a2a9da7b87c8faa734ce1b1e38295250ff4d2
22c9a8794bf1aaa708de201b175d9646730455c0c1d93ee6aaccfc107c1c931b
2c813afa42890a3cfface3729bab55c655f8926f4582a95b973d3cc9cdb782bf
3eaea57e9e0ad5cb5fd17dc30e15076acae49715df0d2e963f177cfc43fbdad1
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
4e16d80a6cf02c5b6efbdb2002d771fc3134ce65f7bc6e1977c66760c219f415
57da12518216a63558d60784d7ccf682a7d2d0881808bda073fc3d5ce9887159
5a010f1ca00fc1b8a18d98aca814b4e4823e68a8416b15e6c0fe624f6343ed18
69d428d259b24c0a93e4b5495807454053dddd38de7043401fc6ff835dc1d1c5
728baba1702f6b4f2649f3796c839e3fd38c70afda3336aa791033de6f93ed13
7dfbca9f0a2f035654648a9075c3c602d2e7aeb490acefb7b71fc404aa204aed
7ec30cafe79e0f5fb5d5ab15c4acd96ea58ad405b7a1644d53faf92a4e311086
84c9e8aeb1e79819fd1bc3589130343d5c943b6672dfee04aa6d56673b8fe63c
a8e72cf05f59059617b19f27f4079c463d28bff2aef2766f67d49bdfcb829b6e
b8049906fd2682c7c7d711936e0d246ab2ae730d4ffc5798db50f15ae59ef771
c7f35abef2c78af39b1ba3058aa52426ea6c0a5e2b630a100f184d1bca730e99
cb14d1755c550eb91902ca7ed96960a0e9c7b9fe72a722b857ea010f9f775e3d
cf017731018f52abcaa466dd6a44cd08abf5eb11501631ba3e5a4ad0f7fb7686
d5f5fe7ec37e7baa1ac08526bc210b9723dc59b6d96026783f056a11a468799f
d6f301675910dbeaf332113367a02f287057fdc21c0df6a26712696b82dc49ac
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df76dafabd6bd06047d838af2a30d4a67294178305ddf580a003e00b29c9a7f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecf76895be1cf9e8b3edb254030e9c9c1d8f3c2efc1f9dc7e04ceff29eccae9c
ed8f3e0cd2baf415549f524af358045cfcab46e287a98ccd3684160ea3937698
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23cae2aad5f0e9b235bdc77e700f6fa80cb929c6de287cc9069ad946185e23b
f2afaf8a0077eacfaf58e2d6beadf08610de47c4c512f9490c37dbb4b91a8112
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23