urlscan.io logo urlscan.io
SecurityTrails logo

tax.variantliving.us Open in urlscan Pro
103.76.129.70  Public Scan

Go To Rescan Add Verdict Report
URL: https://tax.variantliving.us/
Submission: On July 01 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 4 domains to perform 34 HTTP transactions. The main IP is 103.76.129.70, located in Jakarta, Indonesia and belongs to IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID. The main domain is tax.variantliving.us.
TLS certificate: Issued by E6 on June 29th 2024. Valid for: 3 months.
This is the only time tax.variantliving.us was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 7 103.76.129.70 141968 (IDNIC-IKA...)
5 209.85.201.155 15169 (GOOGLE)
5 172.217.197.154 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
11 209.85.232.100 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 173.194.68.132 15169 (GOOGLE)
1 173.194.68.104 15169 (GOOGLE)
34 9
7    103.76.129.70 (Jakarta, Indonesia)

ASN141968 (IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID)
PTR: da1.hostdata.id
tax.variantliving.us
5    209.85.201.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qu-in-f155.1e100.net
pagead2.googlesyndication.com
5    172.217.197.154 (United States)

ASN15169 (GOOGLE, US)
PTR: qa-in-f154.1e100.net
googleads.g.doubleclick.net
2    2607:f8b0:400d:c0d::65 (Morganton, United States)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
11    209.85.232.100 (United States)

ASN15169 (GOOGLE, US)
PTR: qt-in-f100.1e100.net
fundingchoicesmessages.google.com
1    2607:f8b0:400d:c0c::84 (Morganton, United States)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    173.194.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f132.1e100.net
tpc.googlesyndication.com
1    173.194.68.104 (United States)

ASN15169 (GOOGLE, US)
PTR: qr-in-f104.1e100.net
www.google.com
Apex Domain
Subdomains		 Transfer
14 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 744
www.google.com — Cisco Umbrella Rank: 5
78 KB
7 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 137
tpc.googlesyndication.com — Cisco Umbrella Rank: 177
296 KB
7 variantliving.us
tax.variantliving.us
41 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 70
34 4
Domain Requested by
13 fundingchoicesmessages.google.com pagead2.googlesyndication.com
7 tax.variantliving.us 1 redirects tax.variantliving.us
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
5 pagead2.googlesyndication.com tax.variantliving.us
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
34 6

This site contains links to these domains. Also see Links.

Domain
generatepress.com
Subject Issuer Validity Valid
tax.variantliving.us
E6		 2024-06-29 -
2024-09-27		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
*.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://tax.variantliving.us/
Frame ID: E4E5521C3DFCFF425DDF263706941D7A
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Frame ID: C8DAF267073704292601DB770D6FA414
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5617693718633880&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719818060&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftax.variantliving.us%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_22~30_23~31_3~27_4~29_11&aiixl=28_4~30_6~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719818060133&bpp=5&bdt=324&idt=527&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7125684211045&frm=20&pv=2&ga_vid=1250236823.1719818061&ga_sid=1719818061&ga_hid=878694191&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084864%2C44795922%2C95330276%2C95334510%2C95334528%2C95334566%2C95334571%2C95334580%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3386922619379140&tmod=733646314&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=551
Frame ID: 1DC4F251750CF1B34231186A9DB377E8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5617693718633880&output=html&h=280&slotname=8859441412&adk=3950464019&adf=1705576686&pi=t.ma~as.8859441412&w=1020&abgtt=6&fwrn=4&fwrnh=100&lmt=1719818060&rafmt=1&format=1020x280&url=https%3A%2F%2Ftax.variantliving.us%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719818060153&bpp=3&bdt=344&idt=552&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7125684211045&frm=20&pv=1&ga_vid=1250236823.1719818061&ga_sid=1719818061&ga_hid=878694191&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084864%2C44795922%2C95330276%2C95334510%2C95334528%2C95334566%2C95334571%2C95334580%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3386922619379140&tmod=733646314&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=563
Frame ID: C181A35E32FF34E10994DEE0CF95D57F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Frame ID: 0E0FCE27C584C707F4379F774AEE33C9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Frame ID: 201FAB1AA8CB6DB18522B52DCBF24637
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D414029B710515DCA132329A10C989C1
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B47364A944D92BDD74E19A8B54375DA5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Tax credit – Tax credit

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Page Statistics

34
Requests

91 %
HTTPS

25 %
IPv6

4
Domains

6
Subdomains

9
IPs

2
Countries

415 kB
Transfer

1275 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://tax.variantliving.us/favicon.ico HTTP 302
  • https://tax.variantliving.us/wp-includes/images/w-logo-blue-white-bg.png

34 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tax.variantliving.us/ 		39 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tax.variantliving.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.76.129.70 Jakarta, Indonesia, ASN141968 (IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID),
Reverse DNS
da1.hostdata.id
Software
Apache/2 /
Resource Hash
01b03de0a28758c37583e9bccb8c54219f5e610783345811869ac02410020352

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
10375
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 07:14:18 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
link
<https://tax.variantliving.us/wp-json/>; rel="https://api.w.org/"
pragma
no-cache
server
Apache/2
vary
Accept-Encoding,User-Agent
x-ua-compatible
IE=edge
style.min.css
tax.variantliving.us/wp-includes/css/dist/block-library/ 		111 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tax.variantliving.us/wp-includes/css/dist/block-library/style.min.css?ver=6.5.5
Requested by
Host: tax.variantliving.us
URL: https://tax.variantliving.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.76.129.70 Jakarta, Indonesia, ASN141968 (IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID),
Reverse DNS
da1.hostdata.id
Software
Apache/2 /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:19 GMT
content-encoding
gzip
last-modified
Sat, 29 Jun 2024 20:52:16 GMT
server
Apache/2
etag
"1bae5-61c0d8a0ba4e6-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
14991
main.min.css
tax.variantliving.us/wp-content/themes/generatepress/assets/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://tax.variantliving.us/wp-content/themes/generatepress/assets/css/main.min.css?ver=3.4.0
Requested by
Host: tax.variantliving.us
URL: https://tax.variantliving.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.76.129.70 Jakarta, Indonesia, ASN141968 (IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID),
Reverse DNS
da1.hostdata.id
Software
Apache/2 /
Resource Hash
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:19 GMT
content-encoding
gzip
last-modified
Sat, 29 Jun 2024 20:55:31 GMT
server
Apache/2
etag
"4c6c-61c0d95a80ef3-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
accept-ranges
bytes
content-length
4683
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5617693718633880
Requested by
Host: tax.variantliving.us
URL: https://tax.variantliving.us/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
814e9ea9b02728737d800304a7163bad33e60ea61f373ad3a0f0c1db53a7929b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Origin
https://tax.variantliving.us
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52631
x-xss-protection
0
server
cafe
etag
11001095888004156283
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 01 Jul 2024 07:14:19 GMT
menu.min.js
tax.variantliving.us/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tax.variantliving.us/wp-content/themes/generatepress/assets/js/menu.min.js?ver=3.4.0
Requested by
Host: tax.variantliving.us
URL: https://tax.variantliving.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.76.129.70 Jakarta, Indonesia, ASN141968 (IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID),
Reverse DNS
da1.hostdata.id
Software
Apache/2 /
Resource Hash
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:19 GMT
content-encoding
gzip
last-modified
Sat, 29 Jun 2024 20:55:31 GMT
server
Apache/2
etag
"1b2d-61c0d95a8ed9c-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
1693
a653cc7a-51e0-4131-a9d6-1a04a9e7f8d3
https://tax.variantliving.us/ 		1 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://tax.variantliving.us/a653cc7a-51e0-4131-a9d6-1a04a9e7f8d3
Requested by
Host: tax.variantliving.us
URL: https://tax.variantliving.us/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
1185
Content-Type
text/javascript
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 		425 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5617693718633880
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
84d8bf1092b01959aa9abeb869f7ca3c88a05f6f2ecacf636ce6c691506786d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
146921
x-xss-protection
0
server
cafe
etag
15143029555565528937
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jul 2024 07:14:20 GMT
wp-emoji-release.min.js
tax.variantliving.us/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tax.variantliving.us/wp-includes/js/wp-emoji-release.min.js?ver=6.5.5
Requested by
Host: tax.variantliving.us
URL: https://tax.variantliving.us/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.76.129.70 Jakarta, Indonesia, ASN141968 (IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID),
Reverse DNS
da1.hostdata.id
Software
Apache/2 /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:20 GMT
content-encoding
gzip
last-modified
Sat, 29 Jun 2024 20:52:16 GMT
server
Apache/2
etag
"4926-61c0d8a0da889-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/javascript
accept-ranges
bytes
content-length
5062
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/ Frame C8DA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
15824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 02:50:36 GMT
etag
9187630395144177108
expires
Mon, 15 Jul 2024 02:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1DC4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5617693718633880&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1719818060&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftax.variantliving.us%2F&pra=5&wgl=1&easpi=0&aihb=0&asro=0&ailel=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aiael=28~30~31~27~29~1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24&aifxl=28_22~30_23~31_3~27_4~29_11&aiixl=28_4~30_6~31_8~27_3~29_5&aslmct=0.7&asamct=0.7&aisaib=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719818060133&bpp=5&bdt=324&idt=527&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=7125684211045&frm=20&pv=2&ga_vid=1250236823.1719818061&ga_sid=1719818061&ga_hid=878694191&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084864%2C44795922%2C95330276%2C95334510%2C95334528%2C95334566%2C95334571%2C95334580%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3386922619379140&tmod=733646314&uas=0&nvt=1&fsapi=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=551
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
63892
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 07:14:21 GMT
expires
Mon, 01 Jul 2024 07:14:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C181 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5617693718633880&output=html&h=280&slotname=8859441412&adk=3950464019&adf=1705576686&pi=t.ma~as.8859441412&w=1020&abgtt=6&fwrn=4&fwrnh=100&lmt=1719818060&rafmt=1&format=1020x280&url=https%3A%2F%2Ftax.variantliving.us%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW4zMiIsIjEwLjAuMCIsIng4NiIsIiIsIjEyNi4wLjY0NzguMTI2IixudWxsLDAsbnVsbCwiNjQiLFtbIk5vdC9BKUJyYW5kIiwiOC4wLjAuMCJdLFsiQ2hyb21pdW0iLCIxMjYuMC42NDc4LjEyNiJdLFsiR29vZ2xlIENocm9tZSIsIjEyNi4wLjY0NzguMTI2Il1dLDBd&dt=1719818060153&bpp=3&bdt=344&idt=552&shv=r20240625&mjsv=m202406250101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=7125684211045&frm=20&pv=1&ga_vid=1250236823.1719818061&ga_sid=1719818061&ga_hid=878694191&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=40&ady=367&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759837%2C31084864%2C44795922%2C95330276%2C95334510%2C95334528%2C95334566%2C95334571%2C95334580%2C95335897%2C95335290%2C31078663%2C31078668%2C31078670&oid=2&pvsid=3386922619379140&tmod=733646314&uas=0&nvt=1&fc=1920&brdim=20%2C20%2C20%2C20%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=563
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 07:14:21 GMT
expires
Mon, 01 Jul 2024 07:14:21 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/ 		169 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
e0562b90115b34203a0932ce6572c11de569c6025970ab723255af3daa181f08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58331
x-xss-protection
0
server
cafe
etag
15236099207347308053
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 01 Jul 2024 07:14:21 GMT
ca-pub-5617693718633880
fundingchoicesmessages.google.com/i/ 		199 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-5617693718633880?href=https%3A%2F%2Ftax.variantliving.us&ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9440bf19aa44097134c147505679fbc68e44d423b2191fb45bdef05221f1b700
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q5-vPLUUpwAuOVQ5mJHT5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:21 GMT
content-security-policy
script-src 'report-sample' 'nonce-Q5-vPLUUpwAuOVQ5mJHT5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjCtDikmII0JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhOLuucwubwIWnXb8ZlTSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzIzM9QxM4wsMAACTOiQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX0kbVwojj52sUrQAksMDUU1HrjgWMSIr6q8h5BSpvx_0MLN3QWO6I0P8m4AShcwl-Mnw0VAcA4e_Jw1LX7pE1li6_Q14exGntqoHJ6sMTMY1DS0NBPJ6dTzD2DkHTnb1nZ_DLehg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX0kbVwojj52sUrQAksMDUU1HrjgWMSIr6q8h5BSpvx_0MLN3QWO6I0P8m4AShcwl-Mnw0VAcA4e_Jw1LX7pE1li6_Q14exGntqoHJ6sMTMY1DS0NBPJ6dTzD2DkHTnb1nZ_DLehg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5ODE4MDYxLDcyMTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly90YXgudmFyaWFudGxpdmluZy51cy8iLG51bGwsW1s4LCJCX29FQnNvYmtJOCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY4XSxudWxsLDEyXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0d::65 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f3904584fd0c0b7e4bd6b50daa018db09c1f16751d19740edbfb6d757d3db1c8
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dvWqWA40td2oWqTat7YLkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:21 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dvWqWA40td2oWqTat7YLkw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw1JBiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhOLuucwubwIrdLz8yKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAAD5CjoZ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/ Frame 0E0F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
15824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 02:50:36 GMT
etag
9187630395144177108
expires
Mon, 15 Jul 2024 02:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/ Frame 201F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240625/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.197.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qa-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

age
15824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4164
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 02:50:36 GMT
etag
9187630395144177108
expires
Mon, 15 Jul 2024 02:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
frontale.
fundingchoicesmessages.google.com/f/AGSKWxXvWg4VTeh5ReYawIpp3rhdvZpiMzNzcyPAHkPZ3AZ_luxJjunSOBVdaMs11EsFW0_LE8MMNcziqeHyRt3mrT3Tdf3PKHuKF4t97sNmdr46l1KRi4EAoSIn33bjLHyBx4VYxkZi2eCxRC_tAtwURBDLqjkxG... 		54 B
109 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXvWg4VTeh5ReYawIpp3rhdvZpiMzNzcyPAHkPZ3AZ_luxJjunSOBVdaMs11EsFW0_LE8MMNcziqeHyRt3mrT3Tdf3PKHuKF4t97sNmdr46l1KRi4EAoSIn33bjLHyBx4VYxkZi2eCxRC_tAtwURBDLqjkxG2B0XatfBBL7ryWQhVhwciUCeKLrKhKy/_-ad-plugin--popexit./Disable%2BAdblock..ga/ads./nb/frontale.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwx1oATGFmcqz2aLvOy9AgDUOQxuw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
eee5eb633615ac34a0aef6632ce1c54583cb1b55586b0e6d9ea85621b19f3521
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uSZ72aHLI5-wILXiVkCYjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uSZ72aHLI5-wILXiVkCYjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjitDikmLw0JBiOHHrNtMFID7vdIfpOhBLfH3JpAbETukzWAOA2Kd-BmsUELfePMc6GYg_Pz7H-huIk_6dZy0A4iURF1kPJF5kPfj4IutJIBbi4Ti3rnMLm8CNu9duMippJOUXxifn55UUZSaVluQXpSWnpRanFpWlFsUbGRiZGJgZmesZmMYXGAAArlo_VQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwx1oATGFmcqz2aLvOy9AgDUOQxuw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 06:52:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
1291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25678
x-xss-protection
0
server
cafe
etag
6704855416901562528
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 01 Jul 2024 07:52:51 GMT
AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lbHCPUbcUPL21UUjiSHGkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-lbHCPUbcUPL21UUjiSHGkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw15BiWMS_i8kpfQZrCBB_fnyO9TcQL4m4yHok8SKrEA_HuXWdW9gEJjz_OJ1JySUpvzA-OT-vJDWvRDcxpVgXxC7KTCotyS9CYaeWgVTk5KenZ-alxxsZGJkYmBmZ6xmYxRcYAAD_Ky1Z"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tax.variantliving.us
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-i3Z-wzHSNXiuLrTUGgiXpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-i3Z-wzHSNXiuLrTUGgiXpw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3FuXecWNoEZK5_NYFJyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYASWkrqg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tax.variantliving.us
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kOVHO86V9XoHZTktiQLUrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-kOVHO86V9XoHZTktiQLUrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3FuXecWNoEbve0zmJRckvIL45Pz80pS80p0E1OKdUHsosyk0pL8IhR2ahlIRU5-enpmXnq8kYGRiYGZkbmegVl8gQEAOIorbg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tax.variantliving.us
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bUUhl7dSAGMk0D-oLhyCSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-bUUhl7dSAGMk0D-oLhyCSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsIUD8-fE51t9AvCTiIuuRxIusQjwc59Z1bmET2LDq2XQmJZek_ML45Py8ktS8Et3ElGJdELsoM6m0JL8IhZ1aBlKRk5-enpmXHm9kYGRiYGZkrmdgFl9gAABJ4yuz"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tax.variantliving.us
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVqPIqAo37c7UoXGsAv1vRNpJQUjYIgYRbTYqx13kI_Ptp8w7jLHXgF13PlqP2qhkIApeoqnNN_TxB4jcvaxaQ5RnyA5y-mMkCErBOE-D5n6ta7HlVOZmmhkfSD7-H8hnN2__H3gQ==
fundingchoicesmessages.google.com/f/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVqPIqAo37c7UoXGsAv1vRNpJQUjYIgYRbTYqx13kI_Ptp8w7jLHXgF13PlqP2qhkIApeoqnNN_TxB4jcvaxaQ5RnyA5y-mMkCErBOE-D5n6ta7HlVOZmmhkfSD7-H8hnN2__H3gQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5ODE4MDYyLDQ4NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdGF4LnZhcmlhbnRsaXZpbmcudXMvIixudWxsLFtbOCwiQl9vRUJzb2JrSTgiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sbnVsbCwxMl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
d0f41f55ccfc086642f9f58733f6e1049bd4ddf12b4dc63e16ac1d75aae4b0e4
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dNEo-k5lrATRS67SRUwLPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-dNEo-k5lrATRS67SRUwLPA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhOLeucwubwIU5uxqZlDSS8gvjk_PzSooyk0pL8ovSktNSi1OLylKL4o0MjEwMzIzM9QxM4wsMAOa6OZI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9f5ZOkJkvVpApYoZA9dKrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-9f5ZOkJkvVpApYoZA9dKrQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0ZBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3FuXecWNoEbB-7NZ1JyScovjE_OzytJzSvRTUwp1gWxizKTSkvyi1DYqWUgFTn56emZeenxRgZGJgZmRuZ6BmbxBQYAXM8r8w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tax.variantliving.us
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWvwZjvbgcLQ3rKJmyA6_kXqoW5WJf5kkGADtsUoCD3p86TH5yMarEG388wTGsAxm1W4wA9neL7J4I4zNx5Gh564lX3aV21Oddih9j3y0sW6VqK51v4h1gpAwSHn54hWUO7RUkKOA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWvwZjvbgcLQ3rKJmyA6_kXqoW5WJf5kkGADtsUoCD3p86TH5yMarEG388wTGsAxm1W4wA9neL7J4I4zNx5Gh564lX3aV21Oddih9j3y0sW6VqK51v4h1gpAwSHn54hWUO7RUkKOA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5ODE4MDYyLDU3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMF0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vdGF4LnZhcmlhbnRsaXZpbmcudXMvIixudWxsLFtbOCwiQl9vRUJzb2JrSTgiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMjIsImZhbHNlIl0sWzIwLCJbbnVsbCxudWxsLFszMTA4NDI2OF0sbnVsbCwxMl0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
2fe353e209d2f2033a3353426ac94fa0d52310e355bdcac3f96067322cc79771
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4h-9w_jGibVwOujUO8i1ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-4h-9w_jGibVwOujUO8i1ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmJw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhOLeucwubwI67m5YzKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAADvADnR"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU0M8WvMUr2irUYbdf_d1ODMNimzqvSmUkWu15thIYgnF1lbaodLiwaL17o7k9FOmQOfvdC1crKd9oH1RGIw2rAkMqXlFGlV496NeJcl8YjA2pIZW7UNJEZ5F7lY8eYLqH8YiF1hA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU0M8WvMUr2irUYbdf_d1ODMNimzqvSmUkWu15thIYgnF1lbaodLiwaL17o7k9FOmQOfvdC1crKd9oH1RGIw2rAkMqXlFGlV496NeJcl8YjA2pIZW7UNJEZ5F7lY8eYLqH8YiF1hA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzE5ODE4MDYyLDY0OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsNiwxMCw5XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly90YXgudmFyaWFudGxpdmluZy51cy8iLG51bGwsW1s4LCJCX29FQnNvYmtJOCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsyMiwiZmFsc2UiXSxbMjAsIltudWxsLG51bGwsWzMxMDg0MjY4XSxudWxsLDEyXSJdLFsxOSwiMiJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
177c3c860ee677b6a49e3bb895d8f7838aed78ecba6ff3d9f65aa8128909d5c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FkZ2nqw1IAhq7CTruLE-VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-FkZ2nqw1IAhq7CTruLE-VA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjCtDikmLw15BiOO90h-k6EEt8fcmkBsRO6TNYA4DYp34GaxQQt948xzoZiD8_Psf6G4iT_p1nLQDiJREXWQ8kXmQ9-Pgi60kgFuLhOLeucwubwI4Hmy8wKWkk5RfGJ-fnlRRlJpWW5BelJaelFqcWlaUWxRsZGJkYmBmZ6xmYxhcYAAD64zoG"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVM3oZlbzdhRULVYPWGxRhqHdMscmzywYj5EqQalAzt8LHj8IOeYB6qt5qMvEgBHhto3lDZ2PZpIS_yCjq25Fh23bqZFX0NUP-uARxjF6LKvO6252cFk4_bCjz8CNstcrLX5T6_2g==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVM3oZlbzdhRULVYPWGxRhqHdMscmzywYj5EqQalAzt8LHj8IOeYB6qt5qMvEgBHhto3lDZ2PZpIS_yCjq25Fh23bqZFX0NUP-uARxjF6LKvO6252cFk4_bCjz8CNstcrLX5T6_2g==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iVq29Ok_gs9iUSwjBYjFlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-iVq29Ok_gs9iUSwjBYjFlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1JBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3FuXecWNoEFxzo-MCm5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwMzI3M9A7P4AgMATpUrwQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tax.variantliving.us
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUHsrKln6KzwzV_9e7XzaQHV72ZamblN_J3N7OpZ-60R28k9y1VpjYPpnBGPO6ZpS6mX9bAOAStvRERfmvsfRotnsArgdViW4tT1LZ8GqddSPPXbMB5P47PG-O53H1Bqi4pJHfgmQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.B_oEBsobkI8.es5.O/am=GAY/d=1/rs=AJlcJMyXuXVqQx12-MGZjyIzxtIx8pjH9g/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.232.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qt-in-f100.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6mz_yg52FWVIJolC8l1VAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform
"Win32"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-6mz_yg52FWVIJolC8l1VAA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoCxJ8fn2P9DcRLIi6yHkm8yCrEw3FuXecWNoGGaVv-Mym5JOUXxifn55Wk5pXoJqYU64LYRZlJpSX5RSjs1DKQipz89PTMvPR4IwMjEwMzI3M9A7P4AgMATHkrtg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://tax.variantliving.us
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240625&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
209.85.201.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qu-in-f155.1e100.net
Software
cafe /
Resource Hash
037e3e84f5fdb1660150ab23c5cb319cc261eb1d537c10e661c01dcead4dcf40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12639
x-xss-protection
0
w-logo-blue-white-bg.png
tax.variantliving.us/wp-includes/images/
Redirect Chain
  • https://tax.variantliving.us/favicon.ico
  • https://tax.variantliving.us/wp-includes/images/w-logo-blue-white-bg.png
4 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://tax.variantliving.us/wp-includes/images/w-logo-blue-white-bg.png
Protocol
H2
Server
103.76.129.70 Jakarta, Indonesia, ASN141968 (IDNIC-IKADA-AS-ID PT Industri Kreatif Digital, ID),
Reverse DNS
da1.hostdata.id
Software
Apache/2 /
Resource Hash
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 07:14:23 GMT
last-modified
Sat, 29 Jun 2024 20:52:16 GMT
server
Apache/2
accept-ranges
bytes
etag
"1017-61c0d8a0b3b6d"
content-length
4119
content-type
image/png

Redirect headers

expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
date
Mon, 01 Jul 2024 07:14:22 GMT
server
Apache/2
x-redirect-by
WordPress
vary
User-Agent
content-type
text/html; charset=UTF-8
location
https://tax.variantliving.us/wp-includes/images/w-logo-blue-white-bg.png
cache-control
no-store, no-cache, must-revalidate
link
<https://tax.variantliving.us/wp-json/>; rel="https://api.w.org/"
content-length
0
x-ua-compatible
IE=edge
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202406250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0c::84 Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://tax.variantliving.us/
Accept-Language
en-US,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 07:14:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 01 Jul 2024 07:14:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D414 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f132.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ranges
bytes
age
521113
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jun 2024 06:29:10 GMT
expires
Wed, 25 Jun 2025 06:29:10 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B473 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.68.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qr-in-f104.1e100.net
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hTYo5gum123fDXask30NXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9;q=0.9
Referer
https://tax.variantliving.us/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-hTYo5gum123fDXask30NXA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 01 Jul 2024 07:14:23 GMT
expires
Mon, 01 Jul 2024 07:14:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240625&jk=3386922619379140&bg=!NzSlNHvNAAb64txl2uI7ADQBe5WfOLmLfCU2a_Fb_UbTT-ozAxCqCp70gWwH2X6_k891_aePeQOcet2BdGzmyqiodMrOAgAAAD9SAAAAA2gBB34ANeiEZ53dDPtgMmhV4cF5heN7k12hzIbRBS1j-L2gMphMuWDbCfPd4gfuLrFomdBfDGImvkeqmQKk7bPrDvKlJDcL7I-BTzH7f1hf3CpzDUhtjPO1znvaKEA8JigMDifI_qW54Wnug9-PgisS_JJiqhC5lpDCuZ8ImIczJfcmbv46Kon62NMpm9MG9_EIz89FytEk4oaoQlfcn6HGAay4dLtSJAuOWM0yN8ZDr6GC-FAiL2yLd4HWKSw8EPi9iDe9D1FK8xrByrN8R07tl9YUEOfbEdyXt9MKdQhZ8XeUQvIpL-qllejFoX_WKQ4YuFyWV7P3H9I6Km3ffD04uVfuq-KQxEIkqXw_cHLcReqwsnJmjmHWBdn0XUe1UwuGBLtQvzxTNzv2rLxPoUO1qNGRoSVFlzznoGfbGrb1imQwPECI45AYS9B0xhS9DMsETTab1La42CG8geJzyypWFBFVmiWN0JTjS3twBRfUdo4P43pmRs51qq1kwn-a3Ygrb3UZyj14GyqREXTDIax5j6ai4v133HWrZcICCVvi_NJYGzVIED3dMiHQh0tsdWobjPJWZ73T1PgrMBX6TNb5taA9l808LF983Gj2pGApZZlJ1fmFhBy-mCa4Z08GnVkdkz8Sqh0KfXsMWbb8G5nEwCsYo65GsKv2mesKtaDxkVkV63ZVO8QJ1EKPRMB74oBmu7uJQDxsjf0U3MExGy35EusM-6f0T-CUgqLFVY2BgTVgUKZvtSz6nK1hddFiW_pczM5AQ0qacabjnMF_GmOW_3pUNHFNXDLiTifr64BD3D9BGTJ4DEQdpMNZW6xE9pT75RP3lInQ_OvR9LF9LAKFAoNzZGqzRJVLZwjZ4GlujHEde20IZizvdKWC4RQOZF3CwGBRlzdxKWrCcqNH5C961jwOzpbnosVYWIb_vddAvqxKdPp9s12iogFhcZwZNGw0e9_kcvuKJSdEKuDfEAYdSA

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 undefined| event object| fence object| sharedStorage object| _wpemojiSettings object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| generatepressMenu object| twemoji object| wp function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| MzA3ZjQyOTFkYmE5MGY3ZGxvYWRlcl9qcw== string| MzA3ZjQyOTFkYmE5MGY3ZGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady object| googletag object| _google_rum_ns_ boolean| 9f75e980-e05c-4de7-8399-fbe032ecf36d undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

14 Cookies

Domain/Path Name / Value
tax.variantliving.us/ Name: PHPSESSID
Value: d001318fdbb7834e459ba09b496fa671
.variantliving.us/ Name: __gads
Value: ID=7bf92048c4a9b679:T=1719818060:RT=1719818060:S=ALNI_MYABRVPbxNMMbc8Nat7YOCF0hn31A
.variantliving.us/ Name: __gpi
Value: UID=00000db1e1e37a70:T=1719818060:RT=1719818060:S=ALNI_Mb9iHENxmauQZ737bnHqYJn6Q_V7Q
.variantliving.us/ Name: __eoi
Value: ID=ef1132bf93154040:T=1719818060:RT=1719818060:S=AA-AfjZlsbEpUP4RcU7Rr_CJkXop
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi6KAhu2cN9rwirfHmZkNcgRz37LiJsOeQ3lDXDwMi02yDDzkg
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnSODG0jP0FYLqbmQnnDXuryHU05SG3W8GH5WlvxjpkQ7sEsxR1Eku_o39X
.doubleclick.net/ Name: ar_debug
Value: 1
.casalemedia.com/ Name: CMID
Value: ZoJXTsAoJJ8AAAslAZbdGwAA
.casalemedia.com/ Name: CMPS
Value: 1635
.casalemedia.com/ Name: CMPRO
Value: 1635
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.variantliving.us/ Name: FCNEC
Value: %5B%5B%22AKsRol8rWu5QT8oNkxYz_t48iqoqKfrARhGphhngcph13VrtMrixikg12l_RsaT84i8Z8AXheyar91rHgyUwXU4B29CzOgZDhLNctCuUDP7GAvxXBo5Fp81k9EiW9vXJkZWMeolbpYvqrqdc1ykIZcovm0Va-wAfGw%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tax.variantliving.us
tpc.googlesyndication.com
www.google.com
pagead2.googlesyndication.com
103.76.129.70
172.217.197.154
173.194.68.104
173.194.68.132
209.85.201.155
209.85.232.100
2607:f8b0:400d:c0c::84
2607:f8b0:400d:c0d::65
01b03de0a28758c37583e9bccb8c54219f5e610783345811869ac02410020352
037e3e84f5fdb1660150ab23c5cb319cc261eb1d537c10e661c01dcead4dcf40
177c3c860ee677b6a49e3bb895d8f7838aed78ecba6ff3d9f65aa8128909d5c4
2fe353e209d2f2033a3353426ac94fa0d52310e355bdcac3f96067322cc79771
395121e5b9981325951ef88bec68d065d23087b16a70d4459109e1dd84a10936
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5b9f9afe7621ec465573f58064f5bef3a229e5e19362351168fd211f6a28bb5c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6bdb369337ac2496761c6f063bffea0aa6a91d4662279c399071a468251f51f0
814e9ea9b02728737d800304a7163bad33e60ea61f373ad3a0f0c1db53a7929b
84d8bf1092b01959aa9abeb869f7ca3c88a05f6f2ecacf636ce6c691506786d5
9440bf19aa44097134c147505679fbc68e44d423b2191fb45bdef05221f1b700
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
aff29bea3eb01d73c6f9b5b41867f0d3a9cec6204e88822a99dd6fdbbcc34e4a
bc3b2c1e618a27e485095a3c0db20da5ba2fbfaf3b872ccd6ca35cb19eb37b5d
d0f41f55ccfc086642f9f58733f6e1049bd4ddf12b4dc63e16ac1d75aae4b0e4
e0562b90115b34203a0932ce6572c11de569c6025970ab723255af3daa181f08
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eee5eb633615ac34a0aef6632ce1c54583cb1b55586b0e6d9ea85621b19f3521
f3904584fd0c0b7e4bd6b50daa018db09c1f16751d19740edbfb6d757d3db1c8