covid-19taxrecovery.com Open in urlscan Pro
91.191.214.162 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://covid-19taxrecovery.com/
Submission: On October 22 via api (October 22nd 2023, 5:32:27 am UTC) from JP — Scanned from JP

Summary HTTP 105 Redirects Behaviour Indicators

Summary

This website contacted 21 IPs in 3 countries across 19 domains to perform 105 HTTP transactions. The main IP is 91.191.214.162, located in Dallas, United States and belongs to HVC-AS, US. The main domain is covid-19taxrecovery.com.
TLS certificate: Issued by R3 on October 22nd 2023. Valid for: 3 months.

This is the only time covid-19taxrecovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	91.191.214.162 91.191.214.162	29802 (HVC-AS) (HVC-AS)
4	2404:6800:400... 2404:6800:4004:81e::200a	15169 (GOOGLE) (GOOGLE)
12	2404:6800:400... 2404:6800:4004:824::2003	15169 (GOOGLE) (GOOGLE)
19	2606:4700:20:... 2606:4700:20::ac43:4785	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2404:6800:400... 2404:6800:4004:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:bf59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:140b:1a0... 2600:140b:1a00:b::17c8:3708	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700::68... 2606:4700::6810:3865	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2606:4700:303... 2606:4700:3036::ac43:9b33	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:e5a3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:50ba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:cbcc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2404:6800:400... 2404:6800:4004:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f00f:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
1	2404:6800:400... 2404:6800:4004:81d::2002	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:818::2004	15169 (GOOGLE) (GOOGLE)
1	2404:6800:400... 2404:6800:4004:823::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f10f:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
105	21

43 91.191.214.162 (Dallas, United States)

ASN29802 (HVC-AS, US)
PTR: deca.startertc.com

covid-19taxrecovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4004:81e::200a (Australia)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2404:6800:4004:824::2003 (Australia)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2606:4700:20::ac43:4785 (United States)

ASN13335 (CLOUDFLARENET, US)

portal.ertcexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ertcexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4004:80f::200a (Australia)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bf59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:140b:1a00:b::17c8:3708 (Tokyo, Japan)

ASN20940 (AKAMAI-ASN1, NL)

acrobatservices.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:3036::ac43:9b33 (United States)

ASN13335 (CLOUDFLARENET, US)

route.ertc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:e5a3 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsadspixel.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:50ba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:cbcc (United States)

ASN13335 (CLOUDFLARENET, US)

api.hubapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:811::2008 (Australia)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f00f:8:face:b00c:0:1 (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:81d::2002 (Australia)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:818::2004 (Australia)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4004:823::2003 (Australia)

ASN15169 (GOOGLE, US)

www.google.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f10f:83:face:b00c:0:25de (Tokyo, Japan)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	covid-19taxrecovery.com covid-19taxrecovery.com	849 KB
19	ertcexpress.com portal.ertcexpress.com cdn.ertcexpress.com	745 KB
12	gstatic.com fonts.gstatic.com	265 KB
7	ertc.com route.ertc.com	14 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49 maps.googleapis.com — Cisco Umbrella Rank: 418	69 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	85 KB
2	adobe.com acrobatservices.adobe.com — Cisco Umbrella Rank: 345170	153 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	185 B
1	google.co.jp www.google.co.jp — Cisco Umbrella Rank: 22445	455 B
1	google.com www.google.com — Cisco Umbrella Rank: 2	455 B
1	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	80 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2658	1 KB
1	hubapi.com api.hubapi.com — Cisco Umbrella Rank: 3870	1 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2519	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2528	20 KB
1	hsadspixel.net js.hsadspixel.net — Cisco Umbrella Rank: 3531	4 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1113	7 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2742	1 KB
105	19

	Domain	Requested by
43	covid-19taxrecovery.com	covid-19taxrecovery.com
16	cdn.ertcexpress.com	portal.ertcexpress.com cdn.ertcexpress.com
12	fonts.gstatic.com	fonts.googleapis.com
7	route.ertc.com	portal.ertcexpress.com cdn.ertcexpress.com
4	fonts.googleapis.com	covid-19taxrecovery.com portal.ertcexpress.com
3	portal.ertcexpress.com	covid-19taxrecovery.com cdn.ertcexpress.com
2	connect.facebook.net	js.hsadspixel.net connect.facebook.net
2	acrobatservices.adobe.com	portal.ertcexpress.com acrobatservices.adobe.com
2	maps.googleapis.com	portal.ertcexpress.com maps.googleapis.com
1	www.facebook.com
1	www.google.co.jp
1	www.google.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	www.googletagmanager.com	js.hsadspixel.net
1	track.hubspot.com
1	api.hubapi.com	cdn.ertcexpress.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hsadspixel.net	js.hs-scripts.com
1	static.cloudflareinsights.com	portal.ertcexpress.com
1	js.hs-scripts.com	portal.ertcexpress.com
105	21

This site contains no links.

Subject Issuer	Validity	Valid
covid-19taxrecovery.com R3	`2023-10-22` - `2024-01-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-17` - `2024-02-17`	a year	crt.sh
static.adobesigncdn.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-15` - `2024-04-14`	a year	crt.sh
ertc.com GTS CA 1P5	`2023-10-20` - `2024-01-18`	3 months	crt.sh
hubapi.com Cloudflare Inc ECC CA-3	`2023-04-07` - `2024-04-06`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-07-31` - `2023-10-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh
*.google.co.jp GTS CA 1C3	`2023-09-28` - `2023-12-21`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://covid-19taxrecovery.com/
Frame ID: 85DF043EF767B075119608BE25E5C1F9
Requests: 53 HTTP requests in this frame

Frame: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/
Frame ID: C17D2AA3B0ABC563965CF19746EBCAC7
Requests: 49 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Business Netwerx, LLC – Covid 19 Relief for Businesses

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets
<link [^>]*href=(?:"|')[^"']*uploads/elementor/css

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

105
Requests

98 %
HTTPS

95 %
IPv6

19
Domains

21
Subdomains

21
IPs

3
Countries

2318 kB
Transfer

7250 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
covid-19taxrecovery.com/ 96 KB
19 KB 1835ms
916ms Document
text/html 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: ca6af30f771c29faf14116175ceeb54f11e6a922f1e4a7d9327a4d370a7750c1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 18996
Content-Type: text/html; charset=UTF-8
Date: Sun, 22 Oct 2023 05:32:20 GMT
Keep-Alive: timeout=3, max=100
Link: <https://covid-19taxrecovery.com/index.php/wp-json/>; rel="https://api.w.org/", <https://covid-19taxrecovery.com/index.php/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json", <https://covid-19taxrecovery.com/>; rel=shortlink
Referrer-Policy: no-referrer-when-downgrade
Server: Apache
Vary: Accept-Encoding
X-Pingback: https://covid-19taxrecovery.com/xmlrpc.php

GET
H/1.1 200
OK style.min.css
covid-19taxrecovery.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 432ms
145ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 12:15:56 GMT
Server: Apache
ETag: "19824-6027c710f59cb-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 13841
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK style.css
covid-19taxrecovery.com/wp-content/themes/twentytwentyone/ 153 KB
23 KB 450ms
150ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/themes/twentytwentyone/style.css?ver=1.7
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: f2f7f242fee995f68f1b40eacb9f27ce53d583abf960ed7069b60289a87dcb38

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 02 Nov 2022 03:17:12 GMT
Server: Apache
ETag: "2624b-5ec7446d0be00-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 22792
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK elementor-icons.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/eicons/css/ 19 KB
4 KB 445ms
140ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/eicons/css/elementor-icons.min.css?ver=5.20.0
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "4bf3-5fc6c6468e6f2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 3992
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK frontend-lite.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/css/ 82 KB
11 KB 447ms
143ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/css/frontend-lite.min.css?ver=3.13.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 22fbb5eff578438da0e7dac3f5613495aa7997f245952e11fa24e4ec085a1880

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "1466c-5fc6c6467067b-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 11141
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK swiper.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/swiper/css/ 13 KB
3 KB 470ms
161ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/swiper/css/swiper.min.css?ver=5.3.6
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "324c-5fc6c6469bdca-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 2409
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK post-5.css
covid-19taxrecovery.com/wp-content/uploads/elementor/css/ 1 KB
831 B 468ms
160ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/elementor/css/post-5.css?ver=1684942065
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 09ea064d0d74a5f579d8bd9f89993b77c512bceb089db62455bc9769c32097ba

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 15:27:45 GMT
Server: Apache
ETag: "4a1-5fc7225450a27-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=100
Content-Length: 393
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK frontend-lite.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/css/ 9 KB
2 KB 572ms
141ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/css/frontend-lite.min.css?ver=3.12.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: adfdeb4d7e4a5f5de6839a079fd8816135a5bcb6c6acb9e546ef4a66c62c18d4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 26 Apr 2023 16:28:16 GMT
Server: Apache
ETag: "235f-5fa3fba22d349-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 1438
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK global.css
covid-19taxrecovery.com/wp-content/uploads/elementor/css/ 39 KB
3 KB 588ms
143ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/elementor/css/global.css?ver=1684942065
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 9603078d83691c1cc2badd9655952460d4fcd62d78966655a00ad9eecb3eb016

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 15:27:45 GMT
Server: Apache
ETag: "9d0f-5fc72254a3a46-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 2828
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK post-2.css
covid-19taxrecovery.com/wp-content/uploads/elementor/css/ 26 KB
3 KB 626ms
156ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/elementor/css/post-2.css?ver=1684942066
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: abc7d4f620aa5dafbc0477ad4113c68c2deb5289add3d68a632ce68da28dd0cc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 15:27:46 GMT
Server: Apache
ETag: "694e-5fc722557ee13-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 2735
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H2 200 css
fonts.googleapis.com/ 70 KB
3 KB 95ms
50ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlmarai%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.3.2

Requested by

Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8e67594ad4af2d8ce12a9a539e57d842d8e2520cca79f018303c456aa12f97f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Oct 2023 05:32:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 05:32:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Oct 2023 05:32:21 GMT

GET
H/1.1 200
OK fontawesome.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 57 KB
13 KB 628ms
159ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/fontawesome.min.css?ver=5.15.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "e238-5fc6c64691da2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 12582
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK solid.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/ 669 B
746 B 723ms
151ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "29d-5fc6c64691da2-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 309
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK ERTC-LOGO.png
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 15 KB
16 KB 738ms
153ms Image
image/png 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/ERTC-LOGO.png
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d6c6b4956a7df11934a1ae164470d441ba297ccc4b898a5614425162f321d180

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:01 GMT
Server: Apache
ETag: "3c9a-5f5191fdc579a"
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 15514
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK widget-flip-box.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/css/ 8 KB
2 KB 691ms
152ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/css/widget-flip-box.min.css
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d2c27793dfafc5f892933fb0ada6c22b49bd2b991bc19ebd1b7abdcede029de2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 26 Apr 2023 16:28:16 GMT
Server: Apache
ETag: "21df-5fa3fba22c791-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=99
Content-Length: 1289
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK print.css
covid-19taxrecovery.com/wp-content/themes/twentytwentyone/assets/css/ 3 KB
1 KB 140ms
139ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/themes/twentytwentyone/assets/css/print.css?ver=1.7
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 12 Nov 2020 18:36:15 GMT
Server: Apache
ETag: "b51-5b3ed2fda25c0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=92
Content-Length: 1084
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
BLOB 200
OK 23133b66-367e-4e5b-a121-c091cadd0a3a
https://covid-19taxrecovery.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://covid-19taxrecovery.com/23133b66-367e-4e5b-a121-c091cadd0a3a
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 200
OK widget-icon-list.min.css
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 154ms
153ms Stylesheet
text/css 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 76165601b100d2a490189d0521eb1fd9729f7008a75e359170b4b699c06c7d59

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "26c1-5fc6c646748e3-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 972
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK bizcons-scaled-1-1-300x200.jpeg
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 11 KB
11 KB 141ms
140ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/bizcons-scaled-1-1-300x200.jpeg
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 3d95841bd5ae6655a3c5ebe534fae99d5cb088aaf0b0916bbe62c7bbf1bb0388

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:04 GMT
Server: Apache
ETag: "2a9a-5f51920092838"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 10906
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK design-firm-scaled-1-1-300x209.jpeg
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 9 KB
10 KB 140ms
140ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/design-firm-scaled-1-1-300x209.jpeg
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 49cc70f01a24fa93d97dbb6568321be1296f84e6bc4552645f47c461c94c127f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:21 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:05 GMT
Server: Apache
ETag: "2562-5f519201c98c3"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 9570
Expires: Mon, 21 Oct 2024 05:32:21 GMT

GET
H/1.1 200
OK responsive-embeds.js Show response
covid-19taxrecovery.com/wp-content/themes/twentytwentyone/assets/js/ 1 KB
998 B 161ms
161ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/themes/twentytwentyone/assets/js/responsive-embeds.js?ver=1.7
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 17 Dec 2020 14:57:07 GMT
Server: Apache
ETag: "467-5b6aa349db6c0-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 545
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK webpack-pro.runtime.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/js/ 5 KB
3 KB 162ms
161ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/js/webpack-pro.runtime.min.js?ver=3.12.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: e6ed06388b8a934651b5005f2ece104a979f56b5fa6203ef4a2d8ab0a60c07dd

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 26 Apr 2023 16:28:16 GMT
Server: Apache
ETag: "156d-5fa3fba2392b0-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 2494
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK webpack.runtime.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/ 5 KB
3 KB 162ms
161ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.13.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 070b7d89cff01806f23c0e4e10c5820955064ab7c451ae52ca1a4d0d65a770a1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "135e-5fc6c6468d753-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=98
Content-Length: 2199
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK jquery.min.js Show response
covid-19taxrecovery.com/wp-includes/js/jquery/ 85 KB
30 KB 332ms
332ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 12:15:56 GMT
Server: Apache
ETag: "155ba-6027c7110cce2-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 30343
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
covid-19taxrecovery.com/wp-includes/js/jquery/ 13 KB
5 KB 138ms
138ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 12:15:56 GMT
Server: Apache
ETag: "3509-6027c7110d4b2-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 4872
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK frontend-modules.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/ 45 KB
14 KB 166ms
166ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/frontend-modules.min.js?ver=3.13.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: db7be69d987d1cfaed5fa7ee93a3b4ede6f78a2817512e57b74fc74ef0fa69b6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "b263-5fc6c646869f3-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 13942
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK wp-polyfill-inert.min.js Show response
covid-19taxrecovery.com/wp-includes/js/dist/vendor/ 8 KB
3 KB 162ms
162ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 13:32:21 GMT
Server: Apache
ETag: "1feb-5f81e1f553f45-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 2484
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
covid-19taxrecovery.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 163ms
162ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 13:32:21 GMT
Server: Apache
ETag: "19cf-5f81e1f554715-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Content-Length: 2499
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
covid-19taxrecovery.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 142ms
142ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 12:15:56 GMT
Server: Apache
ETag: "3f12-6027c7110b18a-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 5889
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK hooks.min.js Show response
covid-19taxrecovery.com/wp-includes/js/dist/ 5 KB
2 KB 155ms
154ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 12:15:56 GMT
Server: Apache
ETag: "1213-6027c71109a1a-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 1567
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK i18n.min.js Show response
covid-19taxrecovery.com/wp-includes/js/dist/ 9 KB
4 KB 156ms
154ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 09 Aug 2023 12:15:56 GMT
Server: Apache
ETag: "24e5-6027c71107ec2-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 3692
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK frontend.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/js/ 24 KB
7 KB 161ms
160ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/js/frontend.min.js?ver=3.12.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 9c31a014c17b72f36eadba67add0dd225a238265895ba5729870f9ad469f0a95

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 26 Apr 2023 16:28:16 GMT
Server: Apache
ETag: "5f3c-5fa3fba2334f0-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 6552
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK waypoints.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/waypoints/ 12 KB
3 KB 154ms
153ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/waypoints/waypoints.min.js?ver=4.0.2
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "2fa6-5fc6c6469d53a-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 2993
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK core.min.js Show response
covid-19taxrecovery.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 152ms
152ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 13:32:21 GMT
Server: Apache
ETag: "53be-5f81e1f5575f5-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 7099
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK frontend.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/ 40 KB
12 KB 164ms
163ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/frontend.min.js?ver=3.13.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 6b0a49e9aac3aaee72ee6a03c6331fd21c7316791eb38a92a75e1feccd1573fc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "9eb1-5fc6c6468660b-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=96
Content-Length: 12211
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK elements-handlers.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/js/ 29 KB
7 KB 142ms
141ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor-pro/assets/js/elements-handlers.min.js?ver=3.12.3
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 63aaa27a904bf63aa8c6e177abd2f389756b6ca2df27f9159c4564dcdb49bc6d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 26 Apr 2023 16:28:16 GMT
Server: Apache
ETag: "73c3-5fa3fba237370-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=93
Content-Length: 6893
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK fa-solid-900.woff2
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 142ms
139ms Font
application/font-woff2 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/lib/font-awesome/css/solid.min.css?ver=5.15.3
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "13174-5fc6c6469ae2a-gzip"
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: application/font-woff2
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=97
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H2 200 va9I4kzIxd1KFrBoQeM.woff2
fonts.gstatic.com/s/chivo/v18/ 30 KB
31 KB 49ms
7ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/chivo/v18/va9I4kzIxd1KFrBoQeM.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CRoboto+Slab%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CChivo%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CAlmarai%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap&ver=6.3.2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

64aa7a01c38e5f51aa6b7cd48decf2bd9ef228857df6ff47b0f58b38c1bdfc30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 08:50:25 GMT
x-content-type-options: nosniff
age: 160917
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31216
x-xss-protection: 0
last-modified: Thu, 17 Nov 2022 15:51:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 08:50:25 GMT

GET
H2 200 tsstApxBaigK_hnnQ1iFow.woff2
fonts.gstatic.com/s/almarai/v12/ 46 KB
46 KB 48ms
6ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tsstApxBaigK_hnnQ1iFow.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 00:58:49 GMT
x-content-type-options: nosniff
age: 189213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46804
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:10:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 00:58:49 GMT

GET
H2 200 tssoApxBaigK_hnnS-agtnqWow.woff2
fonts.gstatic.com/s/almarai/v12/ 47 KB
47 KB 51ms
10ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/almarai/v12/tssoApxBaigK_hnnS-agtnqWow.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 06:34:14 GMT
x-content-type-options: nosniff
age: 82688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48004
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:29:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 06:34:14 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 46ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 03:09:26 GMT
x-content-type-options: nosniff
age: 94976
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 03:09:26 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 38ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 12:11:55 GMT
x-content-type-options: nosniff
age: 62427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 12:11:55 GMT

GET
H/1.1 200
OK easyertc-scaled-1-1.jpeg
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 193 KB
193 KB 140ms
139ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/easyertc-scaled-1-1.jpeg
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/wp-content/uploads/elementor/css/post-2.css?ver=1684942066
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 92ebce4ec69d541063f847087b2d1427041dd58a56ae3eade2a4e6e5012652d6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/wp-content/uploads/elementor/css/post-2.css?ver=1684942066
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:03 GMT
Server: Apache
ETag: "302ac-5f5191ffd58ca"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 197292
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 20ms
9ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 10:53:08 GMT
x-content-type-options: nosniff
age: 153554
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 10:53:08 GMT

GET
H/1.1 200
OK ownership-group-scaled-1-1-300x200.jpeg
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 14 KB
14 KB 139ms
139ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/ownership-group-scaled-1-1-300x200.jpeg
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 771730781accfc4376e3659f8785f1a4c3bc9b2423b846968c340febf63ba5f9

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:06 GMT
Server: Apache
ETag: "3773-5f519202c38bf"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 14195
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK smallrestaurant-1-300x200.jpeg
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 20 KB
20 KB 160ms
160ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/smallrestaurant-1-300x200.jpeg
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: ed508990efc3630ba5d70d90a54d3fa408ba901a756e7a79aa7cb2aa93e7ab6b

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:07 GMT
Server: Apache
ETag: "4f1c-5f519203b7713"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 20252
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK educational-1-300x200.jpg
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 17 KB
17 KB 140ms
139ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/educational-1-300x200.jpg
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: bf0d2fbc27d54a1df417599f2d14039a7fcd0df06803036e7bedcc7aa48f83b5

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:07 GMT
Server: Apache
ETag: "42a4-5f519203eb332"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 17060
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 5ms
2ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 11:39:39 GMT
x-content-type-options: nosniff
age: 409963
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 11:39:39 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 6ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://covid-19taxrecovery.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 18:17:50 GMT
x-content-type-options: nosniff
age: 40472
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 18:17:50 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
covid-19taxrecovery.com/wp-includes/js/ 18 KB
5 KB 158ms
158ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.2
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Thu, 30 Mar 2023 13:32:21 GMT
Server: Apache
ETag: "4904-5f81e1f55626d-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=93
Content-Length: 5039
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK text-editor.2c35aafbe5bf0e127950.bundle.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/ 1 KB
1 KB 154ms
154ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/text-editor.2c35aafbe5bf0e127950.bundle.min.js
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.13.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: c5354cf09ffa00326e1e3f941eceb22c2ef542798a3bd1b6b223a6b4ea5f65c4

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "550-5fc6c6468c7b3-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=95
Content-Length: 665
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK Boardroom-header-scaled-1-1.jpeg
covid-19taxrecovery.com/wp-content/uploads/2023/02/ 271 KB
271 KB 140ms
139ms Image
image/jpeg 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://covid-19taxrecovery.com/wp-content/uploads/2023/02/Boardroom-header-scaled-1-1.jpeg
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: e6105ad2f6c3e71e41e51ec5f4e1f7e70d27847c16d531d41973774089268fec

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Mon, 20 Feb 2023 03:19:01 GMT
Server: Apache
ETag: "43a59-5f5191fdd8462"
Content-Type: image/jpeg
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=94
Content-Length: 277081
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H/1.1 200
OK toggle.31881477c45ff5cf9d4d.bundle.min.js Show response
covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/ 4 KB
2 KB 142ms
141ms Script
application/x-javascript 91.191.214.162
HVC-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/toggle.31881477c45ff5cf9d4d.bundle.min.js
Requested by: Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/wp-content/plugins/elementor/assets/js/webpack.runtime.min.js?ver=3.13.3
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 91.191.214.162 Dallas, United States, ASN29802 (HVC-AS, US),
Reverse DNS: deca.startertc.com
Software: Apache /
Resource Hash: cf6653c72c7aa6cbbbe4ed0b4713a48a8bf9c80c6cbbb7284a9e4889dc97897e

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://covid-19taxrecovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Sun, 22 Oct 2023 05:32:22 GMT
Content-Encoding: gzip
Referrer-Policy: no-referrer-when-downgrade
Last-Modified: Wed, 24 May 2023 08:35:54 GMT
Server: Apache
ETag: "eba-5fc6c6468cb9b-gzip"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=3, max=91
Content-Length: 1401
Expires: Mon, 21 Oct 2024 05:32:22 GMT

GET
H2 200 lead-intake Show response
portal.ertcexpress.com/ Frame C17D 4 KB
2 KB 589ms
555ms Document
text/html 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Requested by

Host: covid-19taxrecovery.com
URL: https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e3c396b628167bd2a632101eac961971b856090af709508a5c506d99bbd5484

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Referer: https://covid-19taxrecovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

access-control-allow-origin: *
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 819f5c05db3fafd3-NRT
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 22 Oct 2023 05:32:23 GMT
expect-ct: max-age=0
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ByqmWb9HgRtE1qvRIf9EysAXgu6ifwhhMRHVhDR%2BXV%2BUISkRPF5FuosErguiMTsoYoHouUmzghREULLKU3DCM2NFST8G0WuRVuU0InwtievnoYhMXtIL4no%2FPVqY7usjYGphV3U2oh3YmAN019%2BVbAtHurU%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: ALLOWALL
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame C17D 27 KB
1 KB 44ms
40ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Oct 2023 05:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 05:13:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Oct 2023 05:32:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C17D 7 KB
722 B 43ms
41ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;600;700&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f54b99785acc4da20eed75eb0bf1505a4c155f1234a5fd315b0be963536220f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Oct 2023 05:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 05:06:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Oct 2023 05:32:23 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame C17D 434 B
403 B 44ms
43ms Stylesheet
text/css 2404:6800:4004:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Homemade+Apple&display=swap

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81e::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a49078732b54fb2767d28ce73ac556b84d43dbbe8ffcabcd33e45ce423c42c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 22 Oct 2023 05:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 05:28:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 22 Oct 2023 05:32:23 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ Frame C17D 190 KB
64 KB 142ms
83ms Script
text/javascript 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBWoHM2_MNc0jsu215pBfJOo0rOjmh3TPM&libraries=places

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

60865838dfab75ad5046e5dfa87cd2fdc6794380be62e1a53c7d01cdd7161a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65357
x-xss-protection: 0

GET
H2 200 main.f8bdd19a.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 810 KB
236 KB 217ms
217ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

804450485eaf4bb82539fb2265a99570644edda9b13d8eaa89e098a9aa62fa6a

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=829305
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"ca779-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QE5OOwqhT6DZORjT0YCAgcp3mm%2B8RZYsWS7aFHfUo%2FLK0Y7MCWmQnz7GtFtEM6%2F1n3EwE83t%2FQHKkXbiU3ETJS5HtnuQ29Vu%2FCUfNUTwF%2FokowoLbyQACeswHg4NM7uBKMcnp%2B%2FK0Ij5ENTNlGxc6Rc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c09af34afd3-NRT
access-control-allow-headers: *

GET
H2 200 main.11a9dd53.css
cdn.ertcexpress.com/static/css/ Frame C17D 66 KB
12 KB 36ms
14ms Stylesheet
text/css 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/css/main.11a9dd53.css

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a17aed63dbba092fb1dcc26885c624f8fe56aa02d840ff3f67833952899c5d7

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59486
cf-polished: origSize=68047
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"109cf-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: text/css
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BLLLjxUv0PrH3ZUdD%2BwNl7DESAD%2FlxlAWQJXvM9u%2Fb68S%2BHHKupS5ZhSCqp2T9OQr1NaJmbC4brqZd3yah%2FavLWSn1aeTDGsMTFH3FoIybIIl3tHqijdqceYLDUwEq%2F31xqN2Vyto6c7AQPnsIatLrc%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c097f02afd3-NRT
access-control-allow-headers: *

GET
H2 200 21903561.js Show response
js.hs-scripts.com/ Frame C17D 1 KB
1 KB 227ms
200ms Script
application/javascript 2606:4700::6810:bf59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/21903561.js

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bf59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

987f6630e4a1f8f6103b7fc7eac467293788fdfcf7cb6f63d5739d705c95bd2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 3c62cd9e-bfa7-4b1f-bcd3-7c94bc1cb2ad
x-envoy-upstream-service-time: 4
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 3c62cd9e-bfa7-4b1f-bcd3-7c94bc1cb2ad
last-modified: Sun, 22 Oct 2023 02:20:58 GMT
server: cloudflare
x-trace: 2B904324474E67637C47A9381E276F6133DC7F5513000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-fghm2
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 819f5c09d9be3414-NRT
expires: Sun, 22 Oct 2023 05:33:24 GMT

GET
H2 200 viewer.js Show response
acrobatservices.adobe.com/view-sdk/ Frame C17D 1005 B
925 B 202ms
7ms Script
application/javascript 2600:140b:1a00:b::17c8:3708
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://acrobatservices.adobe.com/view-sdk/viewer.js

Requested by

Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1a00:b::17c8:3708 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5b122f334cf09f2b45962ab0b316f54c7d2d3cc33c0bd2a5a2489743c610f196

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-server-side-encryption: AES256
content-length: 576
last-modified: Wed, 18 Oct 2023 10:42:37 GMT
etag: "29123f08eb1010277a6395e20b0f43af"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: max-age=60, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ Frame C17D 20 KB
7 KB 47ms
34ms Script
text/javascript 2606:4700::6810:3865
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
Origin: https://portal.ertcexpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:23 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 819f5c09ccf3e08a-NRT

GET
H2 200 universal-script Show response
route.ertc.com/v1/lst/ Frame C17D 42 KB
12 KB 731ms
704ms Script
text/javascript 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/universal-script?ph=5fb30b78ab4439089bd4dbb1c05fec7e7f0bc196fb2351ef9e102b22a335fe90&tag=!clicked&ref_url=https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/
Requested by: Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8253b452c021ea2c6071bea2992927a8e0a3d267bf6a776ff324067910d24487

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
front-end-https: off
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
content-type: text/javascript;charset=ISO-8859-1
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7s9YwQ4XJ5tOOtNsJTDicLbgDs%2F12kxt5uqVMNaIdqwMiaQIK0jM9ZPTrOFw5Cdz8NXq9lXT%2Fc3%2BRUjZmt1g2gN5uCNLoFZBJ7KK5TlvOACBI%2BvdQD8ImxTHIOWYsIxf1L6wh%2FepAZprZjDQiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
cf-ray: 819f5c09dcd96885-NRT
alt-svc: h3=":443"; ma=86400

GET
H2 200 ViewSDKInterface.js Show response
acrobatservices.adobe.com/view-sdk/3.12.1_3.2.2-bee18b73/ Frame C17D 1015 KB
152 KB 8ms
7ms Script
application/javascript 2600:140b:1a00:b::17c8:3708
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://acrobatservices.adobe.com/view-sdk/3.12.1_3.2.2-bee18b73/ViewSDKInterface.js

Requested by

Host: acrobatservices.adobe.com
URL: https://acrobatservices.adobe.com/view-sdk/viewer.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:140b:1a00:b::17c8:3708 Tokyo, Japan, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

306a94cac80aef83d1131851d446811553bde4387ec0d93dfb4a671514f0b274

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-server-side-encryption: AES256
content-length: 155059
last-modified: Wed, 18 Oct 2023 07:24:37 GMT
etag: "0d0b9a4b632bb2ce024390834158ac65"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,OPTIONS
cache-control: max-age=2592000, must-revalidate
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ Frame C17D 3 B
45 B 93ms
53ms XHR
application/json 2404:6800:4004:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBWoHM2_MNc0jsu215pBfJOo0rOjmh3TPM&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:80f::200a , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 fb.js Show response
js.hsadspixel.net/ Frame C17D 6 KB
4 KB 29ms
12ms Script
application/javascript 2606:4700::6811:e5a3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsadspixel.net/fb.js

Requested by

Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21903561.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:e5a3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

413237d22e25097e3cee2595c2cedccc0d680158bd638a421aecaa1a7237321f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
x-amz-version-id: 6Rl00Bao8JSR9sjVJgKGfhCjk_eTdRhI
via: 1.1 05133180bbd1649d4b8f97441bf305e8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-cf-pop: IAD12-P3
age: 410
x-amz-server-side-encryption: AES256
x-evy-trace-route-service-name: envoyset-translator
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=adsscriptloaderstatic/static-1.490/bundles/pixels-release.js&cfRay=819f5208abf2f625-NRT
x-cache: Hit from cloudfront
x-hubspot-correlation-id: 74d8adee-03de-41c5-a34e-52a5c3085b27
cache-tag: staticjsapp-AdsScriptLoaderCloudflare-web-prod,staticjsapp-prod
content-encoding: br
x-envoy-upstream-service-time: 0
x-amz-replication-status: COMPLETED
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 74d8adee-03de-41c5-a34e-52a5c3085b27
last-modified: Mon, 16 Oct 2023 16:51:04 UTC
server: cloudflare
etag: W/"7e8c6b3c97842ae7b4b13d1465637fd9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-hs-cache-status: HIT
x-evy-trace-virtual-host: all
cache-control: max-age=600
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-7c89bb96b9-bnhh6
cf-ray: 819f5c0b68751d8f-NRT
x-amz-cf-id: Nh0KIzCkd4O478Wu-MO_-SJ57eK5DIce0YQYuzNVfaghB1XuKMU2Nw==
x-hs-target-asset: adsscriptloaderstatic/static-1.490/bundles/pixels-release.js

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/21903561/ Frame C17D 66 KB
20 KB 801ms
788ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/21903561/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21903561.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 001099934d9c715560ff8c13539a61aef6ee9458f7f4363c586d62cd39aea6e6

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:25 GMT
x-amz-version-id: 5b8xhTDuPQP173DAVV07yRhKeVYug58F
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: DP0NNYNY1C21NG7J
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: dca72a27-f0ac-4600-b12b-5f7e9f0d8f84
x-envoy-upstream-service-time: 34
x-amz-id-2: 6g8efq8dFLBl5J8+0nCObhjMwg9WcoTbbMfAhiviCYjJ2aBoGtiOMmKrhBUuendWdjNKd8eOGds=
x-evy-trace-listener: listener_https
x-request-id: dca72a27-f0ac-4600-b12b-5f7e9f0d8f84
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 18 Oct 2023 19:09:25 GMT
server: cloudflare
etag: W/"7c23d6a00292d15c7fed199acc4ecc9c"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://ertc.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-fc6l5
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 819f5c0b6b9a688c-NRT
expires: Sun, 22 Oct 2023 05:37:24 GMT

GET
H2 200 21903561.js Show response
js.hs-analytics.net/analytics/1697952600000/ Frame C17D 66 KB
21 KB 226ms
214ms Script
text/javascript 2606:4700::6810:50ba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1697952600000/21903561.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/21903561.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:50ba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40469bc33a6c3f5e9b0f6e6a06535ba1b6f37a5c1dbc1238bbbc1917d143fab1

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 8DCZ8S1MVQBDT33B
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 32aa6c8c-092d-47e2-8b00-b35ead9def3f
x-envoy-upstream-service-time: 20
x-amz-id-2: KRO6PwT0XUjTP3DeLPCIxPrZyQWbajumic7+mfLoBTQVAqhDpUFZ2KSdj/ERd841iiFxgjfwIejTFpTYumoHrw==
x-evy-trace-listener: listener_https
x-request-id: 32aa6c8c-092d-47e2-8b00-b35ead9def3f
x-evy-trace-route-configuration: listener_https/all
last-modified: Thu, 12 Oct 2023 15:46:54 GMT
server: cloudflare
etag: W/"eaeceba86bca7023fb46ea67fa160087"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-85c95667b4-snk2v
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 819f5c0b5a44e001-NRT
expires: Sun, 22 Oct 2023 05:37:24 GMT

GET
H2 200 3180.4890e40f.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 7 KB
3 KB 190ms
190ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/3180.4890e40f.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9acd284e7a9acfcaa479887f26bc0e972c17859c31bdac7b629561590c6a28d3

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7210
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"1c2a-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fmsXTseMeUHK6EiXH%2FEoZQpTlmzUVlFICyqg5ynTSXJEarCueDwYwr26xJb4YeAYcYinmdsiBRa2F%2FbLj0r%2BFZ34%2F0X7DK%2FQnYxDgRkEYpasYKeh8NiEGbXcm0VTocYaRiIzQrgrCz3RnsB%2F7%2FWmstg%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0bb9d7afd3-NRT
access-control-allow-headers: *

GET
H2 200 3528.8d194cab.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 816 KB
57 KB 205ms
205ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/3528.8d194cab.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcaddde09d5c1500fb67895a243ac1cc9065b079bd13003fdf1b2efec94f6b3e

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=835955
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"cc173-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BrpvkXrz7Jtlsq%2FbolEhlKGH%2BbdPR9VQwJSG3mV98dMaGMblJRBWHqp%2Fde7L1d22Z%2Bj0TEFVWJIpuLKaOKw%2Fq0EYVqAJYTascdYocQWCcBH0IHRM17nQ%2BWffuju8mywq%2Ba80L7l5Shldl8Uu%2FUsHhk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0bb9d8afd3-NRT
access-control-allow-headers: *

GET
H2 200 976.9eebeaf7.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 35 KB
13 KB 193ms
192ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/976.9eebeaf7.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c4a55d404d8ab3dd9599b71fb1c1154117fd9ab44922ae9e4d24e60cf52e9d8

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=35767
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"8bb7-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BmV8Z8r21vnt2JEHD9vlYRs6mjp8zTEbYWBE%2BA%2BOKfBuqz7YmpfRHE%2F0anjlB9n74xzK17nrMrGaqZUg9npzMg4XdXhptEUnVwyEi9%2Bi%2FGMbyS0NyqEEbo%2Bajh%2BVkOE%2B%2F8EVnBjFrzjmleUP4qiCqY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0bb9daafd3-NRT
access-control-allow-headers: *

GET
H2 200 5919.f106f374.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 11 KB
4 KB 189ms
188ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/5919.f106f374.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f23f2c22a1a29736dc3bbf4bbe2abc16376b42a14b5236e72809b0f05665132c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=11745
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"2de1-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zf6zUZnt4UsfIClmU7ZKSjxRhGPd8TWIEnHspVkZRpuIEbsn3I24PmyffNbNP5ZlMor0HxOKQlLrPIRRn03Q4e4KMJhhZnJkYqZ2CH6QEyQZBM5FUCZODXsq7IyEsaJxZR19Tbc5ZYccZ%2BUr6ylcHsQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0bb9dbafd3-NRT
access-control-allow-headers: *

GET
H2 200 8782.96082b64.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 871 KB
258 KB 712ms
712ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/8782.96082b64.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661ec165a5d9b2a9fc7e1fcf14d263d61365fe37aa271c3623d3fc8e2b5fde02

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=891998
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"d9c5e-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgZvo9FrNOTeInY399g3LatQPuA%2FfDwiUjrnjbjD3js9A4Q1UQbAKum%2FQWO8yJoHfwzuqRSVRfErIrNiorFP37pcp85wqEZ5XJ4sxfe0FADQmsal7FaXofVzlN6GSObLOqjG9irCtxyU%2BXFv%2BaZcZXI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0bb9dcafd3-NRT
access-control-allow-headers: *

GET
H2 200 6884.73c2e985.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 7 KB
3 KB 197ms
197ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/6884.73c2e985.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0e777768145abf5ec388ec18c094f17c51e8a6e6a7d5c12e5b37304758494ae

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7510
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"1d56-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWpnUXB2YVlNErSyF4LrUBwuqJwhCd6BsY8KwA4rdP6%2F61yqRODRd%2BJucHcDBPChnyuR6ixrsePlP7CbieRHD82rzmg2GiC8wJ5SEHfIB%2FUV8ybbOOaW3b1vOG%2FMw%2FAkgP6SvzPp1YgwyVj%2FgL1P7RY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0bb9ddafd3-NRT
access-control-allow-headers: *

GET
H2 200 1056.8c8af8e1.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 29 KB
7 KB 196ms
196ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/1056.8c8af8e1.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f2b3b7d278167daa4bf1b4bb36d73163963b7b2f54a8232d58bee72ffc3b0bb

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=29903
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"74cf-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pxsoh%2BSNbth%2BxdJaKjapZ3nCJlLHkYU7QBYjdEwefY0NtJWrItrXy1Jtil%2FSDrJAql5F9rc756VK8lzK1wZ0jYa8s%2BqIdbfhDSJMeDOOT34NF%2Bvu6o%2F5X2ihHPVSCFqKrgZJ4qjAJeSHZxeVjIvXVWY%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0cebabafd3-NRT
access-control-allow-headers: *

GET
H2 200 6251.a4471e96.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 16 KB
6 KB 202ms
202ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/6251.a4471e96.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49d97362121993208eb1972755ffaf866da0905998482bbf4965f2a0cc34a574

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=16904
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"4208-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZz4gP%2BxK4XgTWo7T5KcCl82rFk1CUh9IML1AQJBG6mAkibCDuMiI%2FHpR5GOYTncigwOADdxb9s4Wr3DzoMPxjfdwnKZjrsfcxM%2BjqzojeRfrhC3pXPAJ0LpRIqGX2y3ZUpt0PPpgl2Dxf%2FwGw3dT%2FE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0cebb0afd3-NRT
access-control-allow-headers: *

GET
H2 200 9687.76a66a49.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 288 KB
75 KB 194ms
194ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/9687.76a66a49.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a441e6cc68582383acadbd865464293482567b0f58f81b70631ec5e1c039374

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=294965
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"48035-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B388xeKVsPMnbR2Yi%2BVHgCAoEtSmEDLcLmrbyQ4vzhkjpOxVUY2zTnv%2BLQEmknN0pTy62pMLKzGHPZnflAtkTExdU4lCnxj0yJZDQoG2NX5kzjf%2FlnTw%2BWXBRA2tHx9t%2FaUwy3duppmajUuWtx5rdqA%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0cebc1afd3-NRT
access-control-allow-headers: *

GET
H2 200 6129.1af52e49.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 15 KB
5 KB 193ms
193ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/6129.1af52e49.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e0c69a2f0fcdf6fb91c41427992ef3b25cdd1e3ad0de4b82d5c55d82515c0c8

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=15071
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"3adf-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WGdoI3LVtMeGV0zTsKK1Q6XmAPv1lM1hc48Zi38bpzX2%2F8FTq%2B0u40ekzYTWSjDgzYLUYH8hPvrvbXlBT4s6gXH4MwO7lP6v%2FvuNlpLIAhcJKZY1sH53sbtiwzmGZQfHgAVWyObmEe9veQV%2FM7bNpk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0cebc7afd3-NRT
access-control-allow-headers: *

GET
H2 200 8567.38257a49.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 156 KB
38 KB 194ms
194ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/8567.38257a49.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b948623d7d318e3f4ed638f0696771e3d640bc6356763fbb0205fb85bf38fb4

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=160017
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"27111-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecGiWLeyUhs13%2Bgz7Et3IUhmQ9zVmFPAnT8n9ogEx9QNocHmae3BWNLTo0%2BQxShGp7pJlk%2BtGyBhpCz25VcPyFQKDmKzUPscVnl%2BQwudZzF%2FycDDKiuJRk54h3f3OUgIvuJud75r4sKdDwCItlETmyk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0cfbecafd3-NRT
access-control-allow-headers: *

GET
H2 200 6813.00c84a5e.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 112 KB
18 KB 191ms
190ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/6813.00c84a5e.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e89a2d1718e06cd791ba8e28f0bf9f046b69afebb0371dd6bdf7b8d590bd6e44

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=114237
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"1be3d-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FR9eegNcPB9MTDZrAVrCGDNyXAN976W4PPnYrp4YWlQIdcazV%2FEb%2Ff2SQx4DA4m94QtEJupeiqBtUR%2FxbfEj4zbkEyVY%2FQWqqs8tzCK8R9PmS%2FvyxOPfdKFG8d5Ye%2BmXgK4GTqOos94%2Fj8T8j3cfbWI%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0e1d6fafd3-NRT
access-control-allow-headers: *

GET
H2 200 498.bb8f03e4.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 30 KB
7 KB 201ms
201ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/498.bb8f03e4.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

698b098bb6b72887272b825cbbf12338bc3eec9f104f13ce447a1568f0339b9c

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=30624
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"77a0-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8qGwUw3PD4nbtUec904XRY7SEsKY1n3c%2F5vpKOa76PVLGC4yngA30Y3fWvxjRhH4yDd1XXtTIyxbeOA9e7680Q3%2BIH76aWo8qOnT6Yl3z6rLIQkK0aDcclqwb9cMU0CW2O%2B4B%2FUQblKkk2lDGmBLpyE%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0e2d75afd3-NRT
access-control-allow-headers: *

GET
H2 200 264.903f8388.chunk.js Show response
cdn.ertcexpress.com/static/js/ Frame C17D 2 KB
1 KB 191ms
191ms Script
application/javascript 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ertcexpress.com/static/js/264.903f8388.chunk.js

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bee029e127fcd94cb1e04e7794e06a260d3c04f0e9849999a89dff7312a5306

Security Headers

Name	Value
X-Frame-Options	ALLOWALL

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:24 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2587
cf-bgj: minify
last-modified: Tue, 17 Oct 2023 21:30:18 GMT
server: cloudflare
etag: W/"a1b-607f03aa98e80-gzip"
vary: Accept-Encoding
access-control-allow-methods: OPTIONS,GET,HEAD
content-type: application/javascript
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mklqAPKvuXoJpUsUusLeh%2B9847X84Dha35H7GWRo4EGwG0OcnOnNesItAf24KHDvWIc3epDCG7NCbyHkSrn6BrmHeMQTxPLpGjTtam8B2k0L1LfDX4HMP6wDGsqCu%2FdMSQV0s4e1stSyHEoCq6F0eHQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Content-Security-Policy, Location
x-frame-options: ALLOWALL
cache-control: max-age=86400
cf-ray: 819f5c0e2d78afd3-NRT
access-control-allow-headers: *

GET
BLOB 200
OK a4d2d67a-27b6-468c-a530-13e885934520
https://portal.ertcexpress.com/ Frame C17D 46 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://portal.ertcexpress.com/a4d2d67a-27b6-468c-a530-13e885934520
Requested by: Host: portal.ertcexpress.com
URL: https://portal.ertcexpress.com/lead-intake?&source=https://covid-19taxrecovery.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Length: 46922
Content-Type

GET
H2 200 gusid Show response
route.ertc.com/v1/lst/ Frame C17D 0
559 B 190ms
189ms XHR
text/plain 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/gusid?ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F
Requested by: Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
Product-ID: 186379
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
session-id: HB-ET_be28b447f16d19516aacb239d074d1e00082e27253e9f1aceba108da8203b6ef
server: cloudflare
etag: HB-ET_be28b447f16d19516aacb239d074d1e00082e27253e9f1aceba108da8203b6ef
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IC5HiDh04vPxUtl1ZcdP9Wn%2F9tLz1sGsfZDjwnl%2FP0abt9AKAKaK7%2FAfk5RH3LqixHGb%2FTu7zygHFG8V0XMgmg4galvSnLG3XXVuhMfJOoe8fIjJZL2fZHiI8a2T3Zci3HFiliNloMsutT9ZjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
front-end-https: off
access-control-allow-credentials: true
cf-ray: 819f5c12ed906885-NRT

OPTIONS
H3 200 gusid
route.ertc.com/v1/lst/ Frame 0
0 575ms
562ms Preflight 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/gusid?ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: product-id
Access-Control-Request-Method: GET
Origin: https://portal.ertcexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: product-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 819f5c0f6b2c3c03-NRT
content-length: 0
date: Sun, 22 Oct 2023 05:32:25 GMT
front-end-https: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b3AgKu%2Fl6HffpbJpy4S3ciBvfkeOKAfYdomP6dv8Id6m77jgBjL%2F0vPHItVXwkaA7geSLCRUAlxEG0ducbHToOT2xpxodXCbQ31WPDGghbIwZnuRYzcfVM4hC5h63T2NsxAxmk6xqTHhoJ%2B%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 json Show response
api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/ Frame C17D 190 B
1 KB 221ms
204ms XHR
application/json 2606:4700::6811:cbcc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hubapi.com/hs-script-loader-public/v1/config/pixels-and-events/json?portalId=21903561

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:cbcc , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b930490397895660eafb90cf0718d66b65d24103f7aaf6c5da0cb0cea13d1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: f266d61b-30b4-4f14-bff1-901ace867b37
content-encoding: br
x-envoy-upstream-service-time: 3
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: f266d61b-30b4-4f14-bff1-901ace867b37
server: cloudflare
x-trace: 2BD2E5D79409F688D0F18576B108DA166F5AA6D24F000000000000000000
vary: origin, Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: application/json;charset=utf-8
access-control-allow-origin: https://portal.ertcexpress.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5b5c96c966-wts5f
access-control-max-age: 180
access-control-allow-credentials: false
x-evy-trace-virtual-host: all
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x0JwK7OAZAdMWxzyI%2Fx2U0vK8x1ypSaGiqfiffTIXayKb00yLzx7gwtgGTit%2FuMxeBIJ6oR6Ha9%2Fcpnw%2BkwIie%2BMYNUaE%2FaZx5EeSimx%2BnewFqidEfKsg2ztIQ8NWhZxDMqAmxDb%2Bqj2qV9E"}],"group":"cf-nel","max_age":604800}
cf-ray: 819f5c107a7634d5-NRT
access-control-allow-headers: *

GET
H2 200 verify Show response
portal.ertcexpress.com/api/referrers/ Frame C17D 369 B
721 B 299ms
299ms XHR
application/json 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/api/referrers/verify?source=https%3A%2F%2Fcovid-19taxrecovery.com%2F&uri=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd357c43f8f306702746b70da854577da2ea99647deead986bd758e35fb21e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:25 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
etag: W/"171-rbMtAmg0l+OU5JRxzjCjrlsVj1A"
x-download-options: noopen
expect-ct: max-age=0
x-frame-options: ALLOWALL
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdTn4cXh96avWR%2BPjggbY5Zq%2F3WruHKtFvE5ZY0VYkHm6wEst5PgGjt9pqd4MGZmhmvKw%2BvMjZ9pxvCCmr6WFfr54la7Snj0GRlYnJ6Zly6uE6%2B5We97NbTG9MHFxs5m682MShB4rV1GzglRAfEhIhu9COE%3D"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-ray: 819f5c10d922afd3-NRT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C17D 15 KB
15 KB 3ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 12:11:55 GMT
x-content-type-options: nosniff
age: 62430
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 12:11:55 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ Frame C17D 45 B
1 KB 225ms
207ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2732646938&v=1.1&a=21903561&r=https%3A%2F%2Fcovid-19taxrecovery.com%2F&pu=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F&t=ERTC+Express&cts=1697952745093&vi=03e53893302126a4c5a125ad23abd589&nc=true&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 500a5d58-3609-4f18-9b6a-5b6e8fe4c043
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 10
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 500a5d58-3609-4f18-9b6a-5b6e8fe4c043
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DpSOsjm8VrgVg5NPj1lZ5eiUyLGjax6JXHcEhd8GTysQe1N3gSxBa9cQ8Gs1LtbIYQwJmS5fDGaBhBXmOr4qy8ExzgXlKMZSE7yfB%2FC7pUUdwnXxi9szvywBbWOoPk%2Fc3q0vSe%2BK7MylsSATrNhN"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-674b9fb979-fc5kj
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 819f5c110dbc34bd-NRT
x-robots-tag: none

POST
H2 204 rum Show response
portal.ertcexpress.com/cdn-cgi/ Frame C17D 0
156 B 5ms
5ms XHR
text/plain 2606:4700:20::ac43:4785
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://portal.ertcexpress.com/cdn-cgi/rum?

Requested by

Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4785 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
content-type: application/json

Response headers

date: Sun, 22 Oct 2023 05:32:25 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://portal.ertcexpress.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 819f5c10e939afd3-NRT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C17D 232 KB
80 KB 101ms
53ms Script
application/javascript 2404:6800:4004:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-11028985773

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:811::2008 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d757b17930dab5c1ab132f0ef33fef687c90dc99926bcfe5580b2941d39f516c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sun, 22 Oct 2023 05:32:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 82007
x-xss-protection: 0
last-modified: Sun, 22 Oct 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 22 Oct 2023 05:32:25 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame C17D 199 KB
53 KB 101ms
4ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: js.hsadspixel.net
URL: https://js.hsadspixel.net/fb.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 22 Oct 2023 05:32:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 72eo3sN/bxtgrPNQJbB1M3MJVa9euWNBPxHfDzJtO7OwoynXiVDDBJ6Lwi9CNHGEZMYVLz0wnj9GnaXNFjNj9w==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 128303466905142 Show response
connect.facebook.net/signals/config/ Frame C17D 128 KB
31 KB 331ms
330ms Script
application/x-javascript 2a03:2880:f00f:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/128303466905142?v=2.9.135&r=stable&domain=covid-19taxrecovery.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f00f:8:face:b00c:0:1 Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e97b124cefcfec1c8e35e99a629c4db1f9c802072cae213a752fce32b43334c9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 22 Oct 2023 05:32:25 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: pRTcwEP3sHsCHr99A1OrkQxQH3NiZej4o94A75IPZPz7ZDYg6NMEzx6MJQ6NtubRImw97N9CVWnH30CrHOprFA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C17D 15 KB
16 KB 3ms
3ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Sat, 21 Oct 2023 03:09:26 GMT
x-content-type-options: nosniff
age: 94979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 20 Oct 2024 03:09:26 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C17D 16 KB
16 KB 5ms
5ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Fri, 20 Oct 2023 10:53:08 GMT
x-content-type-options: nosniff
age: 153557
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Oct 2024 10:53:08 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C17D 17 KB
17 KB 5ms
4ms Font
font/woff2 2404:6800:4004:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2404:6800:4004:824::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://portal.ertcexpress.com
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Tue, 17 Oct 2023 04:58:17 GMT
x-content-type-options: nosniff
age: 434048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Oct 2024 04:58:17 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/11028985773/ Frame C17D 3 KB
2 KB 94ms
44ms Script
text/javascript 2404:6800:4004:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11028985773/?random=1697952745604&cv=11&fst=1697952745604&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F&ref=https%3A%2F%2Fcovid-19taxrecovery.com%2F&hn=www.googleadservices.com&frm=2&tiba=ERTC%20Express&did=dZTQ1Zm&gdid=dZTQ1Zm&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11028985773

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:81d::2002 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ad46f8236bfa1c9c5e3739c6d02fee08a6aa078630c8692b84c26c0283b1652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 05:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 cte Show response
route.ertc.com/v1/lst/ Frame C17D 159 B
647 B 197ms
197ms XHR
application/json 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/cte
Requested by: Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94004fac68d16a60d66c399f154edbb1a2d1fa2146fb73cd42d697704a85a0ae

Request headers

Session-ID: HB-ET_be28b447f16d19516aacb239d074d1e00082e27253e9f1aceba108da8203b6ef
Product-ID: 186379
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Referer
Access-Control-Allow-Headers: *

Response headers

date: Sun, 22 Oct 2023 05:32:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
front-end-https: off
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6VH%2BNxD%2FVccyTebZ0IOZZfoL%2BhOMY4gqsQn0vjrmGim3dBNF%2FReaB%2FXJS1IDHeiMdVRunkdPLkcRAjrCpwWcEs6Z4b66zDej7H1mqp6cWggO%2BMTgkQrwMx91bRr%2B2omlOE66dT3E283xpCUrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
cf-ray: 819f5c156b893c03-NRT
alt-svc: h3=":443"; ma=86400

OPTIONS
H3 200 cte
route.ertc.com/v1/lst/ Frame 0
0 197ms
196ms Preflight 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/cte
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: POST
Origin: https://portal.ertcexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 819f5c1429e03c03-NRT
content-length: 0
date: Sun, 22 Oct 2023 05:32:25 GMT
front-end-https: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gvHnnu%2FMdkBd4NuRpr8UpssjphblLbm2YhVCOv9uXogFx0xms5G%2F84dNORg%2BJ5Rtu5uenumwVYVEh1UxhG2G0sBq8Hw0n%2F6b19JO4Meht2un8ixNnYCLBO2O0XKK8HypEB12XpH2eJHbq916qg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 /
www.google.com/pagead/1p-user-list/11028985773/ Frame C17D 42 B
455 B 101ms
46ms Image
image/gif 2404:6800:4004:818::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/11028985773/?random=1697952745604&cv=11&fst=1697950800000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F&ref=https%3A%2F%2Fcovid-19taxrecovery.com%2F&frm=2&tiba=ERTC%20Express&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2806021987&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:818::2004 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 05:32:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.jp/pagead/1p-user-list/11028985773/ Frame C17D 42 B
455 B 101ms
46ms Image
image/gif 2404:6800:4004:823::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.jp/pagead/1p-user-list/11028985773/?random=1697952745604&cv=11&fst=1697950800000&bg=ffffff&guid=ON&async=1&gtm=45be3ai0&u_w=1600&u_h=1200&url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F&ref=https%3A%2F%2Fcovid-19taxrecovery.com%2F&frm=2&tiba=ERTC%20Express&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2806021987&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4004:823::2003 , Australia, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 22 Oct 2023 05:32:25 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame C17D 0
185 B 17ms
4ms Image
text/plain 2a03:2880:f10f:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=128303466905142&ev=PageView&dl=https%3A%2F%2Fportal.ertcexpress.com&rl=https%3A%2F%2Fcovid-19taxrecovery.com&if=true&ts=1697952745777&sw=1600&sh=1200&ud[external_id]=03e53893302126a4c5a125ad23abd589&v=2.9.135&r=stable&ec=0&o=28&pm=1&hrl=9b1436&ler=other&it=1697952745383&coo=false&cs_cc=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f10f:83:face:b00c:0:25de Tokyo, Japan, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://portal.ertcexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 22 Oct 2023 05:32:25 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

OPTIONS
H3 200 pc
route.ertc.com/v1/lst/ Frame 0
0 195ms
194ms Preflight 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/pc?prev_url=https%3A%2F%2Fcovid-19taxrecovery.com%2F&ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.88+Safari%2F537.36
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
Access-Control-Request-Method: GET
Origin: https://portal.ertcexpress.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: access-control-allow-headers,access-control-allow-origin,content-type,product-id,session-id
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
access-control-expose-headers: Session-ID
access-control-max-age: 86400
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 819f5c16cd5b3c03-NRT
content-length: 0
date: Sun, 22 Oct 2023 05:32:26 GMT
front-end-https: off
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpMmS2YE8VgfsP815UdyoEnWfGL6MC0gT0Ln6iEAG%2BU%2BysrFDez2RPGMuO8NtA6pWhBUYS5YSp2OFmM34e5s3fjTwbrEyhrp30pJJz1yKW8dgmqaZXgHoHKhbHiv5IIBsAuL5XLErMremBrOuA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H3 200 pc Show response
route.ertc.com/v1/lst/ Frame C17D 117 B
672 B 557ms
556ms XHR
application/json 2606:4700:3036::ac43:9b33
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://route.ertc.com/v1/lst/pc?prev_url=https%3A%2F%2Fcovid-19taxrecovery.com%2F&ref_url=https%3A%2F%2Fportal.ertcexpress.com%2Flead-intake%3F%26source%3Dhttps%3A%2F%2Fcovid-19taxrecovery.com%2F&u_agent=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F118.0.5993.88+Safari%2F537.36
Requested by: Host: cdn.ertcexpress.com
URL: https://cdn.ertcexpress.com/static/js/main.f8bdd19a.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b33 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72eaa2d2a676496321769450c1977489f106bbd46b8ec8f8de9303a9507ba916

Request headers

Session-ID: HB-ET_be28b447f16d19516aacb239d074d1e00082e27253e9f1aceba108da8203b6ef
Product-ID: 186379
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Referer
Access-Control-Allow-Headers: *

Response headers

date: Sun, 22 Oct 2023 05:32:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
front-end-https: off
access-control-max-age: 86400
access-control-allow-methods: GET, PUT, POST, OPTIONS, DELETE
access-control-allow-origin: https://portal.ertcexpress.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J0JYq%2BQQPc7%2Bm6SXQQrsPFjXfgjjafufRai274jxN%2Bmb6VjJK1Ls4qWVCCTmCqM8Nm2EtlYMwrZ7IrzZWNXta73Qv0eK2N3791UT7nfnmC7CiW%2BKkTgizfiaukJAawKQvZVfMBjOnOkXfUEftg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers: Session-ID
access-control-allow-credentials: true
content-type: application/json;charset=UTF-8
cf-ray: 819f5c180eeef583-NRT
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
route.ertc.com/v1/lst	1970-01-21 01:15:12	Name: __mh_tt_s Value: HB-ET_be28b447f16d19516aacb239d074d1e00082e27253e9f1aceba108da8203b6ef
covid-19taxrecovery.com/	1969-12-31 23:59:59	Name: htmega_has_count-2 Value: htmega_already_count
.hubspot.com/	1970-01-20 15:39:14	Name: __cf_bm Value: O9y6ugvO5QI.OUlw71cT6asKuszCkUu9Bx6yIzj_S3Y-1697952745-0-AelksvntBoqTMPaqHQTM8c2qqICRV8DIgSJfbpPL6i4tmn7I4fAQYV2f7awXKepIRh5fETXsH6fSjNoAovL6Djc=
.doubleclick.net/	1970-01-20 15:39:13	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acrobatservices.adobe.com
api.hubapi.com
cdn.ertcexpress.com
connect.facebook.net
covid-19taxrecovery.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsadspixel.net
maps.googleapis.com
portal.ertcexpress.com
route.ertc.com
static.cloudflareinsights.com
track.hubspot.com
www.facebook.com
www.google.co.jp
www.google.com
www.googletagmanager.com
2404:6800:4004:80f::200a
2404:6800:4004:811::2008
2404:6800:4004:818::2004
2404:6800:4004:81d::2002
2404:6800:4004:81e::200a
2404:6800:4004:823::2003
2404:6800:4004:824::2003
2600:140b:1a00:b::17c8:3708
2606:4700:20::ac43:4785
2606:4700:3036::ac43:9b33
2606:4700:4400::6812:22e5
2606:4700::6810:3865
2606:4700::6810:50ba
2606:4700::6810:bf59
2606:4700::6811:cbcc
2606:4700::6811:e5a3
2606:4700::6813:9b53
2a03:2880:f00f:8:face:b00c:0:1
2a03:2880:f10f:83:face:b00c:0:25de
91.191.214.162
001099934d9c715560ff8c13539a61aef6ee9458f7f4363c586d62cd39aea6e6
070b7d89cff01806f23c0e4e10c5820955064ab7c451ae52ca1a4d0d65a770a1
09ea064d0d74a5f579d8bd9f89993b77c512bceb089db62455bc9769c32097ba
0b948623d7d318e3f4ed638f0696771e3d640bc6356763fbb0205fb85bf38fb4
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
1c4a55d404d8ab3dd9599b71fb1c1154117fd9ab44922ae9e4d24e60cf52e9d8
214674cc77aba35ab3567b88e2739fd08e8e96c61d279559ad61874069683ea0
22fbb5eff578438da0e7dac3f5613495aa7997f245952e11fa24e4ec085a1880
2a6bda3553569fc700de73f81edc96180d144db1e05a702bc9854dbe14961c5e
306a94cac80aef83d1131851d446811553bde4387ec0d93dfb4a671514f0b274
3436a3567df14bd76a0e5b2ab1edba77ff61c49fb811b64de0dd23899103ecdc
3467f3eee5c95a86bb4992918b1368458185bf349949f862e6e3c5954fcd69f9
37bab6cd583982e8eff58501a99d7c5c4d63664c1ca34f9e3b7cf526c5b73ae2
3a441e6cc68582383acadbd865464293482567b0f58f81b70631ec5e1c039374
3ad46f8236bfa1c9c5e3739c6d02fee08a6aa078630c8692b84c26c0283b1652
3d95841bd5ae6655a3c5ebe534fae99d5cb088aaf0b0916bbe62c7bbf1bb0388
40469bc33a6c3f5e9b0f6e6a06535ba1b6f37a5c1dbc1238bbbc1917d143fab1
413237d22e25097e3cee2595c2cedccc0d680158bd638a421aecaa1a7237321f
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
49cc70f01a24fa93d97dbb6568321be1296f84e6bc4552645f47c461c94c127f
49d97362121993208eb1972755ffaf866da0905998482bbf4965f2a0cc34a574
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4f54b99785acc4da20eed75eb0bf1505a4c155f1234a5fd315b0be963536220f
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5a17aed63dbba092fb1dcc26885c624f8fe56aa02d840ff3f67833952899c5d7
5b122f334cf09f2b45962ab0b316f54c7d2d3cc33c0bd2a5a2489743c610f196
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5ff9e1789aa671352c261693750b28f50cda54b2c1a2e50372434c26d9589e55
60865838dfab75ad5046e5dfa87cd2fdc6794380be62e1a53c7d01cdd7161a4e
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
63aaa27a904bf63aa8c6e177abd2f389756b6ca2df27f9159c4564dcdb49bc6d
64aa7a01c38e5f51aa6b7cd48decf2bd9ef228857df6ff47b0f58b38c1bdfc30
661ec165a5d9b2a9fc7e1fcf14d263d61365fe37aa271c3623d3fc8e2b5fde02
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698b098bb6b72887272b825cbbf12338bc3eec9f104f13ce447a1568f0339b9c
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6b0a49e9aac3aaee72ee6a03c6331fd21c7316791eb38a92a75e1feccd1573fc
6b5a1116fedf74e888369da43f27b4ea6e21a7c5b3e3dde3227da6c21a2ef67c
6e3c396b628167bd2a632101eac961971b856090af709508a5c506d99bbd5484
72eaa2d2a676496321769450c1977489f106bbd46b8ec8f8de9303a9507ba916
76165601b100d2a490189d0521eb1fd9729f7008a75e359170b4b699c06c7d59
771730781accfc4376e3659f8785f1a4c3bc9b2423b846968c340febf63ba5f9
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f2b3b7d278167daa4bf1b4bb36d73163963b7b2f54a8232d58bee72ffc3b0bb
804450485eaf4bb82539fb2265a99570644edda9b13d8eaa89e098a9aa62fa6a
8253b452c021ea2c6071bea2992927a8e0a3d267bf6a776ff324067910d24487
8bee029e127fcd94cb1e04e7794e06a260d3c04f0e9849999a89dff7312a5306
8e0c69a2f0fcdf6fb91c41427992ef3b25cdd1e3ad0de4b82d5c55d82515c0c8
8e67594ad4af2d8ce12a9a539e57d842d8e2520cca79f018303c456aa12f97f4
92ebce4ec69d541063f847087b2d1427041dd58a56ae3eade2a4e6e5012652d6
94004fac68d16a60d66c399f154edbb1a2d1fa2146fb73cd42d697704a85a0ae
9603078d83691c1cc2badd9655952460d4fcd62d78966655a00ad9eecb3eb016
987f6630e4a1f8f6103b7fc7eac467293788fdfcf7cb6f63d5739d705c95bd2a
9acd284e7a9acfcaa479887f26bc0e972c17859c31bdac7b629561590c6a28d3
9c31a014c17b72f36eadba67add0dd225a238265895ba5729870f9ad469f0a95
a0c3e823a07498a845daa25db9e85afdb4a985866f00b4cf1518f363336cd030
a0e777768145abf5ec388ec18c094f17c51e8a6e6a7d5c12e5b37304758494ae
a49078732b54fb2767d28ce73ac556b84d43dbbe8ffcabcd33e45ce423c42c63
abc7d4f620aa5dafbc0477ad4113c68c2deb5289add3d68a632ce68da28dd0cc
adfdeb4d7e4a5f5de6839a079fd8816135a5bcb6c6acb9e546ef4a66c62c18d4
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8b930490397895660eafb90cf0718d66b65d24103f7aaf6c5da0cb0cea13d1b
bd357c43f8f306702746b70da854577da2ea99647deead986bd758e35fb21e50
bf0d2fbc27d54a1df417599f2d14039a7fcd0df06803036e7bedcc7aa48f83b5
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c5354cf09ffa00326e1e3f941eceb22c2ef542798a3bd1b6b223a6b4ea5f65c4
c84b9432dad75b6cce98abcd62eecccc82cf4e293e92f80678d8d50bd1060cfe
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca6af30f771c29faf14116175ceeb54f11e6a922f1e4a7d9327a4d370a7750c1
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cf6653c72c7aa6cbbbe4ed0b4713a48a8bf9c80c6cbbb7284a9e4889dc97897e
d01a2ba2805c78957e15a2958135de0f3cb88e95159dd0f6c0a032bd76b1b0e9
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d2c27793dfafc5f892933fb0ada6c22b49bd2b991bc19ebd1b7abdcede029de2
d622534d53d3ac1095af275f0b30274fcd835785577df2dde6d9398e6f7a2c8f
d6c6b4956a7df11934a1ae164470d441ba297ccc4b898a5614425162f321d180
d757b17930dab5c1ab132f0ef33fef687c90dc99926bcfe5580b2941d39f516c
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
db7be69d987d1cfaed5fa7ee93a3b4ede6f78a2817512e57b74fc74ef0fa69b6
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcaddde09d5c1500fb67895a243ac1cc9065b079bd13003fdf1b2efec94f6b3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6105ad2f6c3e71e41e51ec5f4e1f7e70d27847c16d531d41973774089268fec
e6ed06388b8a934651b5005f2ece104a979f56b5fa6203ef4a2d8ab0a60c07dd
e89a2d1718e06cd791ba8e28f0bf9f046b69afebb0371dd6bdf7b8d590bd6e44
e97b124cefcfec1c8e35e99a629c4db1f9c802072cae213a752fce32b43334c9
ed508990efc3630ba5d70d90a54d3fa408ba901a756e7a79aa7cb2aa93e7ab6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f23f2c22a1a29736dc3bbf4bbe2abc16376b42a14b5236e72809b0f05665132c
f2f7f242fee995f68f1b40eacb9f27ce53d583abf960ed7069b60289a87dcb38
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

covid-19taxrecovery.com Open in urlscan Pro 91.191.214.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

98 %HTTPS

95 %IPv6

19 Domains

21 Subdomains

21 IPs

3 Countries

2318 kBTransfer

7250 kBSize

4 Cookies

0 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

covid-19taxrecovery.com Open in urlscan Pro
91.191.214.162 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

98 %
HTTPS

95 %
IPv6

19
Domains

21
Subdomains

21
IPs

3
Countries

2318 kB
Transfer

7250 kB
Size

4
Cookies

105 HTTP transactions
0 data transactions