Overview

URL yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/
IP185.241.124.33
ASNBuzinessware FZCO
Location United Arab Emirates
Report completed2022-09-16 03:54:43 UTC
StatusLoading report..
urlquery Alerts Scam / Fake AntiVirus


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-09-15 04:51:17 UTC 142.251.1.156
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-15 04:50:53 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-15 05:55:58 UTC 44.242.32.27
mnemonic passive DNS yourtaxadvice.com (48) 0 2020-07-31 12:31:32 UTC 2022-09-07 18:10:30 UTC 185.241.124.33 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (12) 175 2017-06-14 07:23:31 UTC 2022-09-15 04:51:27 UTC 142.250.74.3
mnemonic passive DNS www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-15 22:52:26 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-15 23:57:23 UTC 93.184.220.29
mnemonic passive DNS ocsp.sectigo.com (1) 487 2018-12-17 11:31:55 UTC 2022-09-15 21:51:47 UTC 172.64.155.188
mnemonic passive DNS region1.analytics.google.com (1) 0 2022-03-17 11:26:33 UTC 2022-09-15 05:18:01 UTC 216.239.32.36 Domain (google.com) ranked at: 1
mnemonic passive DNS www.google.com (1) 7 2016-08-04 12:36:31 UTC 2022-09-15 22:41:28 UTC 142.250.74.164
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-09-15 22:45:35 UTC 142.250.74.174
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-09-15 22:45:48 UTC 142.250.74.3
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-09-15 04:51:36 UTC 23.36.77.32
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-15 05:55:39 UTC 143.204.55.25
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-15 04:47:36 UTC 34.120.237.76
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-09-15 04:51:39 UTC 142.250.74.72
mnemonic passive DNS googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-09-16 03:06:22 UTC 142.250.74.2
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-09-16 00:14:15 UTC 143.204.55.115


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 185.241.124.33

Date UQ / IDS / BL URL IP
2022-09-16 03:54:43 +0000
2 - 0 - 0 yourtaxadvice.com/offers/offshore-company-for (...) 185.241.124.33

Last 5 reports on ASN: Buzinessware FZCO

Date UQ / IDS / BL URL IP
2022-12-01 07:33:33 +0000
0 - 0 - 89 capitalhealth.ae/ 185.140.248.170
2022-11-07 15:46:28 +0000
0 - 0 - 1 sinoeuropeanholding.cn/ 185.56.90.61
2022-10-26 13:14:25 +0000
0 - 0 - 4 limitedoffersgcc.com/landers/635847138334b/in (...) 185.56.89.30
2022-10-26 04:54:32 +0000
0 - 0 - 4 limitedoffersgcc.com/landers/635847138334b/in (...) 185.56.89.30
2022-10-25 22:30:01 +0000
0 - 0 - 4 limitedoffersgcc.com/landers/635847138334b/in (...) 185.56.89.30

Last 1 reports on domain: yourtaxadvice.com

Date UQ / IDS / BL URL IP
2022-09-16 03:54:43 +0000
2 - 0 - 0 yourtaxadvice.com/offers/offshore-company-for (...) 185.241.124.33

No other reports with similar screenshot



JavaScript

Executed Scripts (27)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (85)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 16 Sep 2022 03:10:43 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tq1vqgNglUEHnixszDAsmDC3b961XXJAy6sZsrnyCe8bt1cjmJIQPQ==
Age: 2628


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    91dd975a7b17b2922dd23c0e49314e40
Sha1:   57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
Sha256: 09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16880
Expires: Fri, 16 Sep 2022 08:35:52 GMT
Date: Fri, 16 Sep 2022 03:54:32 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TDku_cvBjBBZG5nnb7uKmpGLL-r_WPBo-WGhbnSh45TXwSfLjNSI7g==
age: 83957
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    742edb4038f38bc533514982f3d2e861
Sha1:   cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
Sha256: b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 16 Sep 2022 03:54:32 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.115
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 16 Sep 2022 03:03:22 GMT
Cache-Control: max-age=3600
Expires: Fri, 16 Sep 2022 03:08:34 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: GN5Mjpk9-eSBZz4PjJn0tE6lqKptUmPo-oeDbgObAe8jCyVxFlENgQ==
Age: 3071


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2192
Cache-Control: 'max-age=158059'
Date: Fri, 16 Sep 2022 03:54:33 GMT
Last-Modified: Fri, 16 Sep 2022 03:18:01 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GSDrhYn7NokgNZFcEf9Vlw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         44.242.32.27
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JRkdxuTzCKdrmeoWmtFCSFmI72o=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Fri, 16 Sep 2022 09:32:27 GMT
Date: Fri, 16 Sep 2022 03:54:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Fri, 16 Sep 2022 09:32:27 GMT
Date: Fri, 16 Sep 2022 03:54:34 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20273
Expires: Fri, 16 Sep 2022 09:32:27 GMT
Date: Fri, 16 Sep 2022 03:54:34 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F855bc857-3105-4de6-b3a8-0eb895422ea5.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13536
x-amzn-requestid: 5533b257-1558-472b-aeb9-8207a78e1110
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVDzFa4IAMF9Rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239bb1-05d0dfde7a488ed97d2a40d5;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:40:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aCCBUNe1NErAN4RiVGCdh-sBxSnMm-XfcFzE-h8IcCq6W1Om-UX45g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:46 GMT
age: 22128
etag: "de5c3e010fca76659455a144875a52c25fa72bdd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13536
Md5:    512280055633fcce9abc7d11a9816a24
Sha1:   de5c3e010fca76659455a144875a52c25fa72bdd
Sha256: 435eadb36830928b20d4cf8ead62134b75bd0ed3228489d9fdee66450bcbeaed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8551
x-amzn-requestid: fcb8406f-a0a4-463a-8d6c-86a465867db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUkiG2FIAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae9-4e2927b52b5ac3f907f52027;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f7ER8lbphHucpnBSlWF1oGktAVq-lmLrZQUtLCSXrkEYdhYYaX6W3g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:44:19 GMT
age: 22215
etag: "50cb093cd31e53a67e0a27d9ce9439fbb8a03df8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8551
Md5:    c6df210d4ad73c1cb4bf14a8b68aaaf6
Sha1:   50cb093cd31e53a67e0a27d9ce9439fbb8a03df8
Sha256: 832d746a04665e8fd808e02a3d4c4d2525fb55e8685f2c654836ebea37c4ca92
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Febd0c996-9a44-4dd0-b1b3-c5e213f14167.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10296
x-amzn-requestid: f3bb82cc-9d5d-4dea-8a22-26b35fe603e6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbIRLHBUIAMF7hQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632120d4-64832ad820f6aeaf7868495d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 00:31:16 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: mtDiHNtey-YZnI8xoyrMF4vTWWO2DW9VWp1nAHuZFeHhsfGfm_poiA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:53:00 GMT
age: 21694
etag: "2656d1e3e105c1929b18ebf9b00bd603f2f410a6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10296
Md5:    252e27665094eccd2f18dfed46d4e871
Sha1:   2656d1e3e105c1929b18ebf9b00bd603f2f410a6
Sha256: ccd05f3e869946687ec611ee0d6c5a118a99f73abb1957c556e346ed522d3088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F032fbd06-806d-41e6-9160-3fdf480555ac.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9256
x-amzn-requestid: 19e81e48-6501-4938-906c-60aa7acdb33a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUj5EE5oAMFvwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae5-3031e84f158e1ad94da4875b;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MgjhIwjrfVL6-SF04ZPyZVUIOlXUTJu8E8r6KtOZ_QH0OEZC4uG4yQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:09 GMT
age: 22165
etag: "afbe7dae2d65763a004b5bddc697131762da7bf2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9256
Md5:    d242ded8ac40a1eb617303256d5f34eb
Sha1:   afbe7dae2d65763a004b5bddc697131762da7bf2
Sha256: b4b08292f36acfca7df3710c29c184c5ff18592e6383eddc5582d302184fce59
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4955
x-amzn-requestid: e7c21397-14e0-42fd-86f3-3f1e6940da8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0zG1uIAMF_mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b51-386abef75b6435a0656e86cd;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: psbU0gPXDKEAq7hBKNMHHjMm7icXZ2WbJZ6xd0CeXGdue92n5shrHg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:02:34 GMT
age: 21120
etag: "2b8a6de0faac5c1a99b48c28da9c05f520ef6add"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4955
Md5:    8bedb04287b8f09d30fed0ae386b9bcc
Sha1:   2b8a6de0faac5c1a99b48c28da9c05f520ef6add
Sha256: cec3955f3330184ace4388b7c00262b52c9ca43e9ece6fb8f2fdec2ee9e53a9e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a73e855-9877-4793-b59a-30b8e5a96117.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8435
x-amzn-requestid: f6efd924-4f54-41a6-8771-087803b5b8ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0-EJaoAMFvtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b52-37c21ee857fe27d104b70337;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:26 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hhh1q_MrZVAaRWwmc1IuJbL3KhhwwHQgceaL15okbg4NvKJlWfUjyA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:02:34 GMT
age: 21120
etag: "b6e634ef27eba9da38c6472565e0fdca6898e4f0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8435
Md5:    b7d4ee58e0f26ec6817dbab72aa7db6d
Sha1:   b6e634ef27eba9da38c6472565e0fdca6898e4f0
Sha256: 07db05a6ee70a699164ad55da47bfca58e6639956e256d902cbe0388cd7995c6
                                        
                                            GET /offers/offshore-company-formation-in-the-emirate-of-dubai/ HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Link: <https://yourtaxadvice.com/wp-json/>; rel="https://api.w.org/", <https://yourtaxadvice.com/wp-json/wp/v2/offers/264>; rel="alternate"; type="application/json", <https://yourtaxadvice.com/?p=264>; rel=shortlink
X-Powered-By: PHP/7.4.1, ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 27723


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Size:   27723
Md5:    f697b23e3524b4aaaff63c63e09bf1dc
Sha1:   876bb1d492a2061bf5026ebe84fd0b91192427fa
Sha256: c634cf33231ba1fd0091a8e4cce498fd55df3c69f52c4c4989b0ccaa9e9e6a72
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-MK4GV5J HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.72
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 16 Sep 2022 03:54:35 GMT
expires: Fri, 16 Sep 2022 03:54:35 GMT
cache-control: private, max-age=900
last-modified: Fri, 16 Sep 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57954
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (3551)
Size:   57954
Md5:    0039b1483224a4e26d0bc69f262567b5
Sha1:   6cd19b5d8b289c2b4ae7d76db3a1c450629bb575
Sha256: f9dbbdeaaabbbfef56192e2b710e43e658a03c1e2ef3803eaa6beb7953a38a1c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/nav-scripts.min.js HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Wed, 05 Aug 2020 15:55:00 GMT
Accept-Ranges: bytes
ETag: "416a3ec6406bd61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 1709


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1709
Md5:    64990587d7adb5e894f802654cccf4a6
Sha1:   c059406308c255b7c8d530b90c2e7ab31a4a223a
Sha256: 7bb2d57dfdc5eabdfe7e147a7f0437ecf4575b2f73aa7a52d48eadea241ec3c9
                                        
                                            GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2106 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 12:11:22 GMT
Accept-Ranges: bytes
ETag: "e3eba4d87284d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 597


--- Additional Info ---
Magic:  ASCII text, with very long lines (1156), with no line terminators
Size:   597
Md5:    07d964c6c1a513f998a518583e674706
Sha1:   c5b4006fdf88874d8b41680a7dc299c2a5bf4a83
Sha256: 2511a8fc06ba6ddf29a8408647d16773216b599ec25471a1f2280fde63b8b7d3
                                        
                                            GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Tue, 19 Jan 2021 14:55:37 GMT
Accept-Ranges: bytes
ETag: "97d2f72573eed61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 4994


--- Additional Info ---
Magic:  ASCII text, with very long lines (11126)
Size:   4994
Md5:    f9aa3aa9fd0743851fe52747dc98ab58
Sha1:   20efd968d25b0f720cc71f97b8522f95120085a1
Sha256: a6a2336d4bbf7f10472afd72c043f7a3bc4628665efcf53af07f0dd24a7c8483
                                        
                                            GET /wp-content/plugins/image-map-pro-wordpress/css/image-map-pro.min.css?ver=5.3.1 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 08 Aug 2019 12:39:46 GMT
Accept-Ranges: bytes
ETag: "015155ce64dd51:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 12992


--- Additional Info ---
Magic:  ASCII text, with very long lines (30429)
Size:   12992
Md5:    03c91ad306e8d0c20a25e8b58914ab96
Sha1:   ea9f7a68e71c0fbc88d3ba3092330b750379598b
Sha256: 5ba7d3f03636f8164195ab17eaa8017862a7907c775142bf92b206113d8966e8
                                        
                                            GET /wp-content/themes/blankslate/css/navbar.css HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Tue, 16 Nov 2021 09:27:31 GMT
Accept-Ranges: bytes
ETag: "803f62dccdad71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 9644


--- Additional Info ---
Magic:  ASCII text, with very long lines (1408), with CRLF line terminators
Size:   9644
Md5:    775a1fc4a63ec919e957905d60300f15
Sha1:   92ae874b40f4d01f9624f4e55e2a508396d3b887
Sha256: 321d481066ee5ae61363f31631b2f3f7a8af0125fd188aa7fa5286b16552b165
                                        
                                            GET /wp-content/themes/blankslate/css/bootstrap.css HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Mon, 13 Sep 2021 12:42:19 GMT
Accept-Ranges: bytes
ETag: "80471dca9ca8d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 32823


--- Additional Info ---
Magic:  ASCII text, with very long lines (388), with CRLF line terminators
Size:   32823
Md5:    ae1319b2480e0594f6b111d858fec987
Sha1:   1fc76c858714a1b807b338db8a6f3d85bd131c9a
Sha256: df3b22d1e324de5f7491b147b4cf1a957dfa9da81d741447ff6e010b8da537b5
                                        
                                            GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.0 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 11:17:58 GMT
Accept-Ranges: bytes
ETag: "7445b85474b8d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 39763


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   39763
Md5:    59e233ae35f844463587a189f62aacef
Sha1:   92f46e8f1d1954040e9ff19d7702e5ac3cd1ecd6
Sha256: 3ba6995e7f9d8ad74faf6ca6a812ba743dc8d237ef570151fbd20ee8719e4f63
                                        
                                            GET /wp-content/themes/blankslate/style.css?ver=1663078725 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Tue, 13 Sep 2022 14:18:45 GMT
Accept-Ranges: bytes
ETag: "80909dbb7bc7d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 28385


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   28385
Md5:    e0b7aa192202d6f5a6661da330103cba
Sha1:   412ad0b4bdd31bf78ae4652a2400478afaf793e7
Sha256: c185cf05707adcf3802ab740e25aec42f152dd27d69d67a5d74adfbe5cd4a285
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=6.0.2 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Content-Encoding: gzip
Last-Modified: Thu, 25 Aug 2022 11:17:56 GMT
Accept-Ranges: bytes
ETag: "21fab15374b8d81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 16612


--- Additional Info ---
Magic:  ASCII text, with very long lines (43771)
Size:   16612
Md5:    80e77ee88576bf29fce3627b7a68ba93
Sha1:   cad7a80e221262df968ef3cf18edbfc2c6a01388
Sha256: 7629ec786ee7f42bbd14715062a2e8fafe210484570acd4f06aef19191e160d6
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:36 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 19:56:07 GMT
Expires: Tue, 20 Sep 2022 19:56:06 GMT
Etag: "2d8f0de53baae7e0f842942dca262ae614d6e905"
Cache-Control: max-age=402689,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74b6a9661a7c0b02-OSL

                                        
                                            GET /js/bootstrap.min.js HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Fri, 28 Sep 2018 22:57:32 GMT
Accept-Ranges: bytes
ETag: "0566ea37e57d41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 13045


--- Additional Info ---
Magic:  ASCII text, with very long lines (32033)
Size:   13045
Md5:    3f9ec5c445cf8f77a6390449a7541505
Sha1:   669418484f3303459663923b63a579a879727b05
Sha256: d93d22df61a1ecf911a54330835bb468fb26e5f10e0555cb48a464dfe69d7648
                                        
                                            GET /wp-content/plugins/image-map-pro-wordpress/js/image-map-pro.min.js?ver=5.3.1 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Mon, 20 Apr 2020 19:39:08 GMT
Accept-Ranges: bytes
ETag: "0968d5b4b17d61:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 29590


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (46565)
Size:   29590
Md5:    0eb04b732f3d0f650485f7f808514716
Sha1:   b13c3ca1b29f0e7f125cb273e56eb3c79bf61ebc
Sha256: 06aeff6795b8e6cedd68d9c9d61a86c4c5f24cb4ed3fe0adffbe9cbfb2cef821
                                        
                                            GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2106 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Thu, 29 Jul 2021 12:11:22 GMT
Accept-Ranges: bytes
ETag: "83c89dd87284d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 2837


--- Additional Info ---
Magic:  ASCII text, with very long lines (6091), with no line terminators
Size:   2837
Md5:    12b7ca888a300ecd1861ceca89fe4421
Sha1:   cdee8d5e597b84168142010ccb7bd2a2ecc14abf
Sha256: 5804899079fff35dccbb7814de5e3c065bf521536f70dcba3f5bf560c26cd639
                                        
                                            GET /wp-content/themes/blankslate/assets/js/core.js?v=1&ver=6.0.2 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Fri, 10 Sep 2021 17:22:49 GMT
Accept-Ranges: bytes
ETag: "803a567a68a6d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 694


--- Additional Info ---
Magic:  ASCII text
Size:   694
Md5:    1196f1b8df504bd6d2c9edc57eebe97b
Sha1:   6e5f89ee70c82ece8e91c47f8f9fa9c88468e4b2
Sha256: 039c50a5dc62c820e997e8f2cc974cde80650bc9f86077ae7ba2264e4ca2823c
                                        
                                            GET /wp-content/uploads/flags/HK.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 26 Jan 2022 14:26:58 GMT
accept-ranges: bytes
etag: "0e574c6c012d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 3838
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   3838
Md5:    14c09da6675a7c29fee73c8008cf1974
Sha1:   0fa9df06e865e4c9256a3c09610e92a4d0768c3a
Sha256: 0c405f4dce2d4215137c870d054968575de436dade3642269a589467b4fea007
                                        
                                            GET /wp-content/uploads/close.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Tue, 26 Oct 2021 00:32:27 GMT
accept-ranges: bytes
etag: "809fcff30cad71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 8350
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   8350
Md5:    0139bc5bdf466894ec687696e2dc65cd
Sha1:   5c0a326bfbd3ca27e73d36d8ea3fdfd8f8c53b1b
Sha256: 13ee09efef992ec899ca28dea08d00886fce5e8b3ad6c19e6c753a899bcfdaea

Alerts:
  urlquery:
    - Scam / Fake AntiVirus
                                        
                                            GET /wp-content/uploads/flags/CYPRUS.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 26 Jan 2022 14:26:53 GMT
accept-ranges: bytes
etag: "80f479c3c012d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 9054
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2464)
Size:   9054
Md5:    aa3f56e18dc5bdca2c668be3345eb8dc
Sha1:   cace7893bab9fa684b016b31530a498eff4ea0ab
Sha256: fdc9d8af731b605458608029b0a1be8385b81fe67da1a0599f267c091740acda
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /g/collect?v=2&tid=G-XTT744TYGK&gtm=2oe9e0&_p=648646390&_gaz=1&cid=191993670.1663300460&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663300460&sct=1&seg=0&dl=http%3A%2F%2Fyourtaxadvice.com%2Foffers%2Foffshore-company-formation-in-the-emirate-of-dubai%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.analytics.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://yourtaxadvice.com
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.32.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://yourtaxadvice.com
date: Fri, 16 Sep 2022 03:54:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            POST /g/collect?v=2&tid=G-XTT744TYGK&cid=191993670.1663300460&gtm=2oe9e0&aip=1 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://yourtaxadvice.com
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         142.251.1.156
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: http://yourtaxadvice.com
date: Fri, 16 Sep 2022 03:54:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

                                        
                                            GET /wp-content/uploads/flag_uk.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 13 Sep 2021 13:49:05 GMT
accept-ranges: bytes
etag: "805ee01da6a8d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 31971
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   31971
Md5:    c37683abd93abf64f8aee04309cec0ce
Sha1:   b846f74949f832e0b4c09bc9e6fdac55631ad939
Sha256: 948f773ddb779e66ae4f8542c4af154e2d9144580c5f826e34f29793c501590b
                                        
                                            GET /wp-content/uploads/flags/SEYCHELLES.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Fri, 28 Jan 2022 10:21:02 GMT
accept-ranges: bytes
etag: "07b5c03014d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 1918
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   1918
Md5:    2b054683c51a7fab4b191eb88a0b9126
Sha1:   5d24e84d9654ebe1c9216df308f89fe516d78f66
Sha256: e2f7dc4db38d18c63f34958b49332942dde89844e23e468050771d6916ae7567
                                        
                                            GET /wp-content/uploads/icons/phone_green.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Wed, 26 Jan 2022 14:43:21 GMT
accept-ranges: bytes
etag: "80ca5e10c312d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 2045
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 1-bit colormap, non-interlaced\012- data
Size:   2045
Md5:    c2a7d136c0f9f7c62e35bef37c2febaa
Sha1:   885ac182079342db2ad95f62e5853d4f7f0bf5cb
Sha256: 4d9f8b78187aa5f2469477a8ac27ef9ca634422d397684d0522c34abad0477a5
                                        
                                            GET /wp-content/uploads/flags/UAE.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 26 Jan 2022 14:26:56 GMT
accept-ranges: bytes
etag: "0b843c5c012d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 1565
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   1565
Md5:    56b0cf570ca06d51133b6b6c4b11b64a
Sha1:   c47c42bf327e1ca65e32cf80015181a25b868e41
Sha256: e58642320ade63c39b9315bd0254be37bfc4a48e8372c84b03035ca822a8ad6c
                                        
                                            GET /wp-content/uploads/flags/ROMANIA.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 26 Jan 2022 14:26:50 GMT
accept-ranges: bytes
etag: "031b0c1c012d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:35 GMT
content-length: 1319
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   1319
Md5:    bbdb10d634be5a0052b2d7f450003b04
Sha1:   2578a8e99ca8609a8d19bf5b50beccfe50991ded
Sha256: 4818bdb228f0163de9bdd2ca0ef4f3a3957c94c378b22da2dc2acc2bd36522ac
                                        
                                            GET /wp-content/uploads/flag_uae.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/png
                                        
last-modified: Mon, 13 Sep 2021 13:49:05 GMT
accept-ranges: bytes
etag: "805ee01da6a8d71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:36 GMT
content-length: 2748
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   2748
Md5:    56a5c976d46752613d28db30f87b748a
Sha1:   f03822c61727bcd8d45c099c91986caa85fb3627
Sha256: 0c0a1f06bde7398c4750f7f99ba007afdbca3150cd64ef3bf4ce794ff889608f
                                        
                                            GET /wp-content/uploads/flags/UK.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Wed, 26 Jan 2022 14:26:47 GMT
accept-ranges: bytes
etag: "806de6bfc012d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:36 GMT
content-length: 4216
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (324)
Size:   4216
Md5:    6a2896d5ff6fe0082f2bf964d1da8bc6
Sha1:   4a6236c49707e30799172ce51ccb57a397ddf46c
Sha256: b1ab6da5b982c96f6a5f8c2638eaaf71bd536c0afb40ccb067e05d84982b8428
                                        
                                            GET /wp-content/themes/blankslate/images/ITA_black.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.241.124.33
HTTP/2 200 OK
content-type: image/svg+xml
                                        
last-modified: Mon, 26 Apr 2021 14:07:18 GMT
accept-ranges: bytes
etag: "0ef8577a53ad71:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Fri, 16 Sep 2022 03:54:36 GMT
content-length: 15182
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   15182
Md5:    f2f46d62a31d7d014bcafef84f000a16
Sha1:   d428f2e42a57f00f2e74498394fbde9f35a52d7a
Sha256: ed48cc497ba1448dc365b802fbf9a07d2deaa075dd61541cd1124206f5f0fb77
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /js/jquery-3.6.0.min.js HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Content-Encoding: gzip
Last-Modified: Tue, 20 Apr 2021 10:58:15 GMT
Accept-Ranges: bytes
ETag: "80fd1610d435d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:35 GMT
Content-Length: 39756


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   39756
Md5:    81ef4a9dd64405501bcdb22a91beace5
Sha1:   154a21a77f15c20470c4583adfcf25dd2e87694b
Sha256: 97452a3262637eb42d8d8f62ead4981b2eccccf4b095b029d81f08ee06d81a5f
                                        
                                            GET /wp-content/themes/blankslate/images/whatsapp.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Fri, 10 Sep 2021 18:12:41 GMT
Accept-Ranges: bytes
ETag: "8032b5716fa6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 12322


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size:   12322
Md5:    b7cc15356bff9dc33b8b380754e0857c
Sha1:   d8023326137ac22f202316ffddf1d26585e81b09
Sha256: b64848da9399d916bcf0a7bf6b0a9152f1ffd793ef732e5bb8c38dd14fd72029
                                        
                                            GET /wp-content/uploads/menu_flag_bvi.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:22:35 GMT
Accept-Ranges: bytes
ETag: "80ef64798fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 704


--- Additional Info ---
Magic:  PNG image data, 25 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   704
Md5:    d5f93448119e45fe5ebc8c4691ac72f9
Sha1:   b349f42023c93ca8c19c918a8bf993e75446279a
Sha256: 6b8ed559d758db3f6f38f5b483948d5b392a31b3e2934c90e35bde992b579ef0
                                        
                                            GET /wp-content/uploads/menu_flag_cayman.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 22:37:09 GMT
Accept-Ranges: bytes
ETag: "8098b52eccc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 823


--- Additional Info ---
Magic:  PNG image data, 25 x 17, 8-bit/color RGBA, non-interlaced\012- data
Size:   823
Md5:    c9b70aa4730ab5f4705f18b33d4edb5b
Sha1:   c99fc27059b0575595acb72ab5969acdfcc5d385
Sha256: 54c8d85125a0b45b0df6c565415aed8148191faadd924d446ca95903d63e1086
                                        
                                            GET /wp-content/uploads/go_up.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Mon, 11 Oct 2021 19:51:04 GMT
Accept-Ranges: bytes
ETag: "0c4f952d9bed71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 11522


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   11522
Md5:    23592b87fc6863365e7885408bd22e80
Sha1:   b420007cd63732924463a2cda12d418475c94c82
Sha256: 5414b98c4a59b38f02af4e388e55b8aea188d5e6bfbaaf1721d6b5f2505b6ad2
                                        
                                            GET /wp-content/themes/blankslate/fonts/notosansbold.woff2 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/wp-content/themes/blankslate/css/bootstrap.css
Cookie: _gcl_au=1.1.1440544397.1663300460; _ga_XTT744TYGK=GS1.1.1663300460.1.0.1663300460.60.0.0; _ga=GA1.1.191993670.1663300460

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Last-Modified: Mon, 13 Sep 2021 12:42:20 GMT
Accept-Ranges: bytes
ETag: "0deb5ca9ca8d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 26260


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 26260, version 1.2621\012- data
Size:   26260
Md5:    eb7b85ef1d50c70b9397db5f79082460
Sha1:   524d7f7253d191f2003645ea00d987a9fd276ed2
Sha256: e32b410877c74a34f8621ed1eefd6beb4594562a42d75eac53cb8ca5e4d2a9b5
                                        
                                            GET /wp-content/uploads/background_green_black.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/wp-content/themes/blankslate/style.css?ver=1663078725
Cookie: _gcl_au=1.1.1440544397.1663300460; _ga_XTT744TYGK=GS1.1.1663300460.1.0.1663300460.60.0.0; _ga=GA1.1.191993670.1663300460

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Mon, 13 Sep 2021 13:49:37 GMT
Accept-Ranges: bytes
ETag: "802ef330a6a8d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 608


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   608
Md5:    146960865f952dfc8b9faa0c78315209
Sha1:   38b469187ddc020fb5121eb55053ee570f5c48d6
Sha256: 585811d61cbfa3165cef56a121fda30b927c5d1b470646e9b5871f168b76f8b6
                                        
                                            GET /wp-content/themes/blankslate/images/ITA_white.svg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/svg+xml
                                        
Last-Modified: Mon, 26 Apr 2021 14:07:37 GMT
Accept-Ranges: bytes
ETag: "801ad982a53ad71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 15319


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size:   15319
Md5:    f1feb1bf6e28ed6d202de9a11859d873
Sha1:   8490e1c009afd737ace9bc5d6c0a5ba1b6423571
Sha256: 4e2c75bd7e8d8778642234004595b04a1c75b644a90d8757aef7e35dcb06aa42
                                        
                                            GET /wp-content/themes/blankslate/images/viber.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Fri, 10 Sep 2021 18:12:56 GMT
Accept-Ranges: bytes
ETag: "04a67a6fa6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 15123


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size:   15123
Md5:    53295fbaec2e47b76d82e568f94384a2
Sha1:   9780a03a5be4fcfab65dbffeaee95db2cf341f64
Sha256: 0c7073df7f079d9aa01d2b0c003fbdc87d2bebdb22ff37aac89ab5d52d80d7e9
                                        
                                            GET /wp-content/themes/blankslate/images/headphones.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Fri, 10 Sep 2021 18:12:31 GMT
Accept-Ranges: bytes
ETag: "8051bf6b6fa6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 9660


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size:   9660
Md5:    c5abe3549cab2905e99f1345135cd69d
Sha1:   3a7865a7b21f10886b70e4f55b965b7b9e4cd3d7
Sha256: 32587c3c9726c924237db386a6c588686ac7189f2892374c05ed6299b1f260ca
                                        
                                            GET /wp-content/themes/blankslate/images/telegram.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Fri, 10 Sep 2021 18:13:18 GMT
Accept-Ranges: bytes
ETag: "0f3c2876fa6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 7845


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit colormap, non-interlaced\012- data
Size:   7845
Md5:    98a9c858fb708129a0258de0721ed11e
Sha1:   25af3a040f2a922a00f1ec37bd453d2784082fb7
Sha256: 533ab4cb1a34e36315b3de94ca506a1721f3f7b838ce4c0ac1f1386cad85c34e
                                        
                                            GET /wp-content/plugins/elfsight-form-builder-cc/assets/elfsight-form-builder.js?ver=1.5.0 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Transfer-Encoding: chunked
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 11:55:10 GMT
Accept-Ranges: bytes
ETag: "063ccd8ac3ed81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:36 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (456)
Size:   133168
Md5:    3c978e9eb38bf40cb70e6b1a59c724fd
Sha1:   71324bbbdbf1fe64f1a169f138812f52d08c2653
Sha256: 779f84e6fcdbb62f7234a6fe2c4eca9b3cea58311f403cff2431e4589da0f214
                                        
                                            GET /wp-content/uploads/menu_flag_cyprus.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:22:00 GMT
Accept-Ranges: bytes
ETag: "05c88648fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 449


--- Additional Info ---
Magic:  PNG image data, 23 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   449
Md5:    22c65821969faccd002f6c7627570b5d
Sha1:   b9bf6fafc8053150abfcbd1a9729d5abc7138e04
Sha256: a0496af7a78ff419242c9090eac9f7290fa271c37f8a9a95abb3c0a32392b3b0
                                        
                                            GET /wp-content/uploads/menu_flag_romania.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:23:33 GMT
Accept-Ranges: bytes
ETag: "808f79b8fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 181


--- Additional Info ---
Magic:  PNG image data, 25 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   181
Md5:    561b5ae64352d45f6a3c666676c3207e
Sha1:   b6d0728aeaad6df34b25da42cc7846f8d48592d6
Sha256: 1813afc7256e08bad1415075787dccb0906c9cdf6b2202fc05a3562353ae287c
                                        
                                            GET /wp-content/uploads/menu_flag_singapore.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 22:33:52 GMT
Accept-Ranges: bytes
ETag: "0c849b9cbc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 393


--- Additional Info ---
Magic:  PNG image data, 25 x 17, 8-bit colormap, non-interlaced\012- data
Size:   393
Md5:    17c1514d1380ae160858b797382f201b
Sha1:   e51c423b69741a93d7c85b26e42322a854f3de01
Sha256: 891f391d6dd1786c055a1757bef829087453fa659e62318567f48f61cb22463b
                                        
                                            GET /wp-content/uploads/menu_flag_uk.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:22:20 GMT
Accept-Ranges: bytes
ETag: "01e74708fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 1043


--- Additional Info ---
Magic:  PNG image data, 23 x 13, 8-bit/color RGBA, non-interlaced\012- data
Size:   1043
Md5:    a95c4db828d7ab7276cde45d1af2d936
Sha1:   aaee95fc5dec770838c2f5513a478a2968c8717d
Sha256: 649098fc5303d157d0e0562305aeeef2958d236b8e8902c433e9f52817a7fcd3
                                        
                                            GET /wp-content/uploads/menu_flag_uae.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:21:44 GMT
Accept-Ranges: bytes
ETag: "0f4fe5a8fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 171


--- Additional Info ---
Magic:  PNG image data, 23 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   171
Md5:    c7c116987693fae4bd08670971cb20dc
Sha1:   0de1b01bc92b252cf76158775e811d77d15de891
Sha256: 230479f3846fcdc9a51daf710134668f2fd132d866ccb0331b0b3d723697edfe
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /recaptcha/api.js?onload=EappsFormBuilderRecaptchaReady&render=explicit HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
expires: Fri, 16 Sep 2022 03:54:38 GMT
date: Fri, 16 Sep 2022 03:54:38 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 591
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (925), with no line terminators
Size:   591
Md5:    5e9104187c94c624b6cd90ab765e2ff2
Sha1:   2f3584022daab79f48497e16f6d2fbf1e12326b7
Sha256: 2728d7b1008c88f03c4bd7077c86940a8185c233caa56d28d1799ecbbef04242
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/menu_flag_seychelles.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:23:04 GMT
Accept-Ranges: bytes
ETag: "0fcad8a8fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 702


--- Additional Info ---
Magic:  PNG image data, 25 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   702
Md5:    af977fb7307ba548ee3817fb0faf3c3f
Sha1:   77e1cd3f5e0b8c34b0583e36f25e999c5ec51a29
Sha256: aa9f7b121528db35144e84780aea5314515f91085fb46e3038cdc17eb8dadd89
                                        
                                            GET /wp-content/uploads/menu_flag_hk.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:23:54 GMT
Accept-Ranges: bytes
ETag: "0617ba88fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 357


--- Additional Info ---
Magic:  PNG image data, 25 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   357
Md5:    fcdc357650902db9f0cfac198f386344
Sha1:   74bbdafc29826f75655501492c1e6684065aa201
Sha256: 875031c6001eb228192738a645120d9b12eaca809912381da29b2a6a7ab85b78
                                        
                                            GET /wp-content/uploads/menu_flag_hungary.png HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Last-Modified: Thu, 21 Oct 2021 15:23:17 GMT
Accept-Ranges: bytes
ETag: "80a06d928fc6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 162


--- Additional Info ---
Magic:  PNG image data, 25 x 14, 8-bit/color RGBA, non-interlaced\012- data
Size:   162
Md5:    2227cdaf324fb548d81abb03cde6d53c
Sha1:   a9b98a7b345bdb98b1453c2cfacf7cdb5d006118
Sha256: 1f321491bc2b9bb7e3e7d4e413210a3ba5f48252c51fea2798d59db7b64b8af3
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 16 Sep 2022 02:41:12 GMT
expires: Fri, 16 Sep 2022 04:41:12 GMT
cache-control: public, max-age=7200
age: 4406
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20006
Md5:    56f5d7f608e25d64207135f045f988cb
Sha1:   901eb59372ae330ae85e1384da93479b21ae1082
Sha256: 1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XTT744TYGK&cid=191993670.1663300460&gtm=2oe9e0&aip=1&z=2092165334 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 03:54:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /recaptcha/releases/zmiYzsHi8INTJBWt2QZC9aM5/recaptcha__en.js HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://yourtaxadvice.com
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 157726
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 05:37:29 GMT
expires: Thu, 14 Sep 2023 05:37:29 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 14 Sep 2022 00:24:01 GMT
age: 166629
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (581)
Size:   157726
Md5:    6519c7c04cf32a57b1c5ee45a73c233e
Sha1:   4939bb921988e9eb13780cc2244f3099776e9bfb
Sha256: 8352dd4e3e0fe82562cdc280c020fc31d2c6d054f7ead441a3b18de8ef04401b
                                        
                                            GET /wp-content/themes/blankslate/fonts/notosans.woff2 HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/
Cookie: _gcl_au=1.1.1440544397.1663300460; _ga_XTT744TYGK=GS1.1.1663300460.1.0.1663300460.60.0.0; _ga=GA1.1.191993670.1663300460

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: application/font-woff2
                                        
Last-Modified: Mon, 13 Sep 2021 12:42:20 GMT
Accept-Ranges: bytes
ETag: "0deb5ca9ca8d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 27016


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 27016, version 1.2621\012- data
Size:   27016
Md5:    0962fa669a3424cb430c1ee3326bb9d4
Sha1:   3ed911a85e4a8304422cd9364e9ed7efe19397e9
Sha256: 6e3619ec59d4cb905dc354f6a2e21e20e9c508d7b3859f6fcc203f6d2245a62c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 16 Sep 2022 03:54:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/
Cookie: _gcl_au=1.1.1440544397.1663300460; _ga_XTT744TYGK=GS1.1.1663300460.1.0.1663300460.60.0.0; _ga=GA1.1.191993670.1663300460

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Last-Modified: Fri, 10 Sep 2021 17:03:15 GMT
Accept-Ranges: bytes
ETag: "80b94be65a6d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:38 GMT
Content-Length: 1150


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Size:   1150
Md5:    975f28afe9781d28c3a219047fc36a2c
Sha1:   bda1c4a1c00dc743d130518a7755c8afda9a43cd
Sha256: 5859c79ac7a26bf734e16156b69ed6eabefee39133eb4010e07a4ff4d0511ef8
                                        
                                            GET /pagead/viewthroughconversion/732572232/?random=1663300462757&cv=9&fst=1663300462757&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg9e0&sendb=1&ig=0&frm=0&url=http%3A%2F%2Fyourtaxadvice.com%2Foffers%2Foffshore-company-formation-in-the-emirate-of-dubai%2F&tiba=Dubai%20Offshore%20Company%20Formation%20-%20Offshore%20Company%20Setup%20in%20the%20Emirate%20of%20Dubai%20-%20ITA%20Business%20Consultants&auid=1440544397.1663300460&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://yourtaxadvice.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.2
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 03:54:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1103
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 16-Sep-2022 04:09:38 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2540), with no line terminators
Size:   1103
Md5:    b6737eb1944bf687d675e116d7728b58
Sha1:   3414472675bd1b4184be8ab39fe69e26e1037e50
Sha256: a84c7ee349d3eb081eefb18bc812ca5143d497519e84a2be1d95727ce9532cad
                                        
                                            GET /wp-content/uploads/Offer1.jpg HTTP/1.1 
Host: yourtaxadvice.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://yourtaxadvice.com/offers/offshore-company-formation-in-the-emirate-of-dubai/

                                         
                                         185.241.124.33
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Last-Modified: Mon, 13 Sep 2021 13:48:15 GMT
Accept-Ranges: bytes
ETag: "80f9120a6a8d71:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 16 Sep 2022 03:54:37 GMT
Content-Length: 83115


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x253, components 3\012- data
Size:   83115
Md5:    5a6304c4b934a18bc1f72982033523f2
Sha1:   9098c1c7ee956e05684e05b57541ad74031c6810
Sha256: 6b8749d8d7be643ece2aca168d6947f0d3ae51616ac1facd36d95ded2c4553c7