Overview

URLserviceclub.solutions/rd/c8369XRBrH24IpAP3977Rsn464FQns369
IP 40.115.44.9 (Netherlands)
ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-11-09 07:20:52 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (19)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
nationaltaxhelpline.co.uk (31) 0 2021-01-08 14:16:31 UTC 2022-11-06 13:02:46 UTC 109.203.126.150 Unknown ranking
img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-11-09 05:04:23 UTC 142.250.74.174
www.facebook.com (1) 99 2012-05-21 00:23:41 UTC 2021-06-08 06:38:51 UTC 31.13.72.36
ocsp.digicert.com (5) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-09 05:05:32 UTC 34.117.237.239
owenfeel.com (1) 0 2022-04-05 12:21:46 UTC 2022-11-07 09:34:44 UTC 34.78.223.0 Unknown ranking
ocsp2.globalsign.com (1) 1544 2012-05-23 18:10:04 UTC 2020-03-15 21:19:16 UTC 104.18.20.226
www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-11-09 05:04:25 UTC 142.250.74.168
googleads.g.doubleclick.net (1) 42 2021-02-20 15:43:32 UTC 2022-11-09 06:30:58 UTC 142.250.74.130
www.google.com (1) 7 2016-03-22 03:56:07 UTC 2022-11-09 00:21:08 UTC 142.250.74.164
serviceclub.solutions (2) 0 2022-07-22 16:09:31 UTC 2022-11-09 07:18:18 UTC 40.115.44.9 Unknown ranking
r3.o.lencr.org (6) 344 No data No data 23.36.77.32
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 35.163.147.190
ocsp.pki.goog (8) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.35
bat.bing.com (3) 387 2014-04-08 09:23:16 UTC 2020-04-20 20:17:24 UTC 204.79.197.200
connect.facebook.net (1) 139 2012-05-22 02:51:28 UTC 2020-02-17 13:26:09 UTC 31.13.72.12
www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-11-09 00:59:49 UTC 142.250.74.35

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-09 2 serviceclub.solutions/rd/c8369XRBrH24IpAP3977Rsn464FQns369 Phishing
2022-11-09 2 serviceclub.solutions/track/c8369XRBrH24IpAP3977Rsn464FQns369 Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 40.115.44.9
Date UQ / IDS / BL URL IP
2022-11-16 00:57:56 +0000 0 - 0 - 2 serviceclub.solutions/rd/u9192moYCe2160976Hhv (...) 40.115.44.9
2022-11-15 06:34:59 +0000 0 - 0 - 2 serviceclub.solutions/rd/u9164jWsdX857310bKfP (...) 40.115.44.9
2022-11-12 06:41:19 +0000 0 - 0 - 2 serviceclub.solutions/rd/c8965pgHNm1363446vzK (...) 40.115.44.9
2022-11-11 21:22:27 +0000 0 - 0 - 3 gopromos.today/rd/c8806bxDqq434028zlyq980LCn3 (...) 40.115.44.9
2022-11-09 11:24:17 +0000 0 - 0 - 2 serviceclub.solutions/rd/c8394upKXN22Glkj2900 (...) 40.115.44.9


Last 5 reports on ASN: MICROSOFT-CORP-MSN-AS-BLOCK
Date UQ / IDS / BL URL IP
2023-02-06 02:52:35 +0000 0 - 7 - 0 gamingfun.me/generator.php?id=5QJ311.rar 52.173.151.229
2023-02-06 02:40:47 +0000 3 - 5 - 1 packagesupportforusps.ddns.mobi/0e3b3742842d1 (...) 20.245.77.166
2023-02-06 02:27:42 +0000 0 - 0 - 1 6089317.com/ 13.75.94.98
2023-02-06 02:09:12 +0000 0 - 4 - 0 mail.grup-whatsapp-tante-viral18.duckdns.org/ (...) 20.97.8.25
2023-02-06 01:00:40 +0000 0 - 0 - 3 www.attacctinfo.com/elJ2MjVwK1hKMEpEUllwYmpBPT0/ 20.51.235.207


Last 5 reports on domain: serviceclub.solutions
Date UQ / IDS / BL URL IP
2023-02-05 14:49:57 +0000 0 - 0 - 2 serviceclub.solutions/rd/c22160xPPFi287jURH11 (...) 20.13.26.77
2023-02-03 13:53:18 +0000 0 - 0 - 2 serviceclub.solutions/rd/u21933FYvDb2539494el (...) 20.13.26.77
2023-01-12 07:47:32 +0000 0 - 0 - 1 serviceclub.solutions/track/o17101TZBYj16dUOD (...) 20.13.26.77
2023-01-11 07:50:05 +0000 0 - 0 - 2 serviceclub.solutions/rd/c16925YADJD3088185Rg (...) 20.13.26.77
2022-12-02 13:06:59 +0000 0 - 0 - 2 serviceclub.solutions/rd/c10393KFHvW3088185PU (...) 20.13.26.77


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-28 11:01:37 +0000 0 - 0 - 2 serviceclub.solutions/rd/c10785nUDQq718679Rum (...) 20.13.26.77
2022-11-28 08:13:25 +0000 0 - 0 - 2 serviceclub.solutions/rd/c8946mXLMV16Idyw2626 (...) 20.13.26.77
2022-11-27 03:31:11 +0000 0 - 0 - 2 serviceclub.solutions/rd/c10393NIXYO3288675yX (...) 20.13.26.77
2022-11-26 10:51:12 +0000 0 - 0 - 2 serviceclub.solutions/rd/c10471aqvlS3088185BI (...) 20.13.26.77
2022-11-26 07:41:06 +0000 0 - 0 - 2 serviceclub.solutions/rd/c10471CdHVH3088122Fc (...) 20.13.26.77

JavaScript

Executed Scripts (32)

Executed Evals (1)
#1 JavaScript::Eval (size: 14) - SHA256: 4fff201ce921e92b6204236706058575303bfbbdbb536dcc801202e74cb832bf
objinput_5_288

Executed Writes (0)


HTTP Transactions (73)


Request Response
                                        
                                            GET /rd/c8369XRBrH24IpAP3977Rsn464FQns369 HTTP/1.1 
Host: serviceclub.solutions
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         40.115.44.9
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Wed, 09 Nov 2022 07:20:41 GMT
Content-Length: 243


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   243
Md5:    45e3305389edc4d26f20f3ed270de653
Sha1:   7adeb5558d16808f2b60fee7258382fb86cd2d79
Sha256: ced6411122f104b7f8adbbe3cdf5f3d8cba7649a9576e292e77379214d51dd4b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4925
Expires: Wed, 09 Nov 2022 08:42:46 GMT
Date: Wed, 09 Nov 2022 07:20:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4686
Cache-Control: max-age=102516
Date: Wed, 09 Nov 2022 07:20:41 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:49:17 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3472
Cache-Control: max-age=101302
Date: Wed, 09 Nov 2022 07:20:41 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 11:29:03 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "17894427C471F7FA02CA274795DC55DF1BFC99D7BD83F9EE36249394035110FD"
Last-Modified: Wed, 09 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12812
Expires: Wed, 09 Nov 2022 10:54:13 GMT
Date: Wed, 09 Nov 2022 07:20:41 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: bWUv4uFYLmOVpj8D0krIAsRXPa/G7oW3qGumGChw4URX1tYXZXHq6QjvkW44T7JYUew5A9zUGx2zh1CBHwuDVw==
x-amz-request-id: 8WZVYQ1PM760QTMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 06:48:52 GMT
age: 1909
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Wed, 09 Nov 2022 07:20:41 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /track/c8369XRBrH24IpAP3977Rsn464FQns369 HTTP/1.1 
Host: serviceclub.solutions
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://serviceclub.solutions/rd/c8369XRBrH24IpAP3977Rsn464FQns369
Upgrade-Insecure-Requests: 1

search
                                         40.115.44.9
HTTP/1.1 302 Found
Content-Type: text/html; charset=utf-8
                                        
Location: https://owenfeel.com/?a=4762&oc=15503&c=42836&m=3&s1=14&s2=369-8369&s3=24-3977-464
Date: Wed, 09 Nov 2022 07:20:41 GMT
Content-Length: 129


--- Additional Info ---
Magic:  HTML document, ASCII text
Size:   129
Md5:    eecf8f41d4fd897ca910db0c4057d447
Sha1:   f84258b4526db2676089082214be427f1bfb7223
Sha256: ff65c334d0165bb7eef7171aee3d9f3fd60255e1acfbb2d07ac86f3cac066336

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2949
Cache-Control: max-age=95713
Date: Wed, 09 Nov 2022 07:20:42 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 09:55:55 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gsalphasha2g2 HTTP/1.1 
Host: ocsp2.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:42 GMT
Content-Length: 1423
Connection: keep-alive
Expires: Sun, 13 Nov 2022 07:20:41 GMT
ETag: "e933146e889402e15039180b42d2ef472a32a56e"
Last-Modified: Wed, 09 Nov 2022 07:20:42 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: EXPIRED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7674c98d1ee2fab4-OSL


--- Additional Info ---
Magic:  data
Size:   1423
Md5:    e59727a7528905faf18ab54c090c6bb1
Sha1:   e933146e889402e15039180b42d2ef472a32a56e
Sha256: e3600ff594293c8fcc14134e9d73251a8380c505cb08d1323030c1a10c4659d4
                                        
                                            GET /?a=4762&oc=15503&c=42836&m=3&s1=14&s2=369-8369&s3=24-3977-464 HTTP/1.1 
Host: owenfeel.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://serviceclub.solutions/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         34.78.223.0
HTTP/1.1 302 Found
content-type: text/html; charset=utf-8
                                        
date: Wed, 09 Nov 2022 07:20:42 GMT
content-length: 224
cache-control: private
location: https://nationaltaxhelpline.co.uk/claim-now-af1?src=lola&utm_affid=15451-276161076&utm_clickid=4762
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie: sl=rkGopWU9u0wFiWD0Iib9o4BxufALmkPAIMlhX73nhOcABaW3dxJTeg==; domain=.owenfeel.com; path=/; HttpOnly tym=JkUcU+RxzcYFiWD0Iib9o4BxufALmkPAIMlhX73nhOcABaW3dxJTeg==; domain=.owenfeel.com; expires=Sat, 09-Nov-2024 07:20:42 GMT; path=/; HttpOnly c15451=rkGopWU9u0zIZZvELWa8cAbKnOh8nZ+LgvMACD1JOjBmlAatq512KA==; domain=.owenfeel.com; expires=Fri, 09-Dec-2022 07:20:42 GMT; path=/; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   224
Md5:    61d2c9c6f3f11ba5c03b1016c23a4940
Sha1:   15b5c8b39fa17e1e4f06329a7ba143237e03e0ca
Sha256: e7c0ac7df8c4a264a8925f121734a7bc0636f0cfd91c3a30fe4a2b3c8c15ae20
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: V6F35oXV0fnGCy1hp/t5FQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.163.147.190
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r4//8DuSlwsiHzxlia+2/ouKKyw=

                                        
                                            GET /claim-now-af1?src=lola&utm_affid=15451-276161076&utm_clickid=4762 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://serviceclub.solutions/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         109.203.126.150
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 09 Nov 2022 07:20:42 GMT
Server: Apache
X-Redirect-By: WordPress
Location: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

                                        
                                            GET /claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://serviceclub.solutions/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Date: Wed, 09 Nov 2022 07:20:42 GMT
Server: Apache
Link: <https://nationaltaxhelpline.co.uk/wp-json/>; rel="https://api.w.org/", <https://nationaltaxhelpline.co.uk/wp-json/wp/v2/pages/290>; rel="alternate"; type="application/json", <https://nationaltaxhelpline.co.uk/?p=290>; rel=shortlink
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (11342), with CRLF, LF line terminators
Size:   162463
Md5:    a97200c2f3b41574bf2d7878769e0ff8
Sha1:   7d34bb30af11efa17af0747dfd847bfc90a86e76
Sha256: 74822d1dc2e6d4b879e8f4d5341675f0d4a97f6786e04b0eafe1e931ca6e0a07
                                        
                                            GET /wp-content/uploads/oxygen/css/universal.css?cache=1627488822&ver=5.5.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Wed, 28 Jul 2021 16:13:42 GMT
Accept-Ranges: bytes
Content-Length: 71926
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (671), with CRLF, LF line terminators
Size:   71926
Md5:    2957a6a99202f2cd74f7e0d49f0060c1
Sha1:   09a5a92c65c022b49fe90ccfbb05371b94bee08c
Sha256: 3b1b0a1e4b93a6fb8e0c70be5895f9618a00fa82d3ac159f02288435cdd5659f
                                        
                                            GET /wp-content/uploads/oxygen/css/claim-now-af1-290.css?cache=1622037247&ver=5.5.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 13:54:07 GMT
Accept-Ranges: bytes
Content-Length: 362
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (362), with no line terminators
Size:   362
Md5:    fa9828bacea059f715da8fe9e09b486c
Sha1:   716f6e8eea57a07ed9e47475a2267c0e1e740a52
Sha256: 536c90c03282044ffe87950971e4dc352cfd70fd65d77f9620476aea29c97ad7
                                        
                                            GET /wp-content/plugins/oxygen/component-framework/oxygen.css?ver=3.5 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Mon, 07 Dec 2020 16:41:58 GMT
Accept-Ranges: bytes
Content-Length: 18827
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text
Size:   18827
Md5:    c2f4377d09eb261c6e8090a56df140b7
Sha1:   4a916b0dd1e5a209af36610f88ddf8a7c9adadb4
Sha256: 9124a6fd00e218d97037cdcbc7ea4c40c73d95bd19da2a6a477789f1daa0bf7f
                                        
                                            GET /wp-content/plugins/oxygen/component-framework/vendor/aos/aos.css?ver=5.5.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Mon, 07 Dec 2020 16:41:58 GMT
Accept-Ranges: bytes
Content-Length: 26053
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (26053), with no line terminators
Size:   26053
Md5:    847da8fca8060ca1a70f976aab1210b9
Sha1:   0557d37454b67f42f2cb101e57e5070fb1193570
Sha256: 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
                                        
                                            GET /wp-content/uploads/oxygen/css/main-new-44.css?cache=1622037249&ver=5.5.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Wed, 26 May 2021 13:54:09 GMT
Accept-Ranges: bytes
Content-Length: 19741
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (19741), with no line terminators
Size:   19741
Md5:    bf0082b4e95b0693851b6b1c502e2a90
Sha1:   66b2ecfe941eb54dc828d005706d32a5aba7c6c1
Sha256: 4decac796c9dd538d4e9638142a57841de924e814ad9419eaef5dfce57041284
                                        
                                            GET /wp-content/plugins/gravityforms/css/formreset.min.css?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Sun, 30 May 2021 21:31:26 GMT
Accept-Ranges: bytes
Content-Length: 4171
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  CSV text\012- , ASCII text, with CRLF line terminators
Size:   4171
Md5:    a5fd638404fd893572c60b190c469441
Sha1:   85d4b11a9459d9fb4fa9c38892181034284346a0
Sha256: 47bd43923be371a64d001da8e797a3ad92d730aa0b17b05de12ffe9d2976696a
                                        
                                            GET /wp-includes/css/dist/block-library/style.min.css?ver=5.5.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Mon, 02 Nov 2020 08:30:24 GMT
Accept-Ranges: bytes
Content-Length: 53907
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (27100)
Size:   53907
Md5:    2e7e1d1c1d4d446a1b6b63295757d859
Sha1:   27a1d9dcbdc4aff486016b5c9f3ece6ad0c028c1
Sha256: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
                                        
                                            GET /wp-content/plugins/gravityforms/css/datepicker.min.css?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:14 GMT
Accept-Ranges: bytes
Content-Length: 5328
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (5328), with no line terminators
Size:   5328
Md5:    9ef2fba4234dabbb37d442db6e1d747e
Sha1:   22095a22be67b7af907a8e11227a6ffd2f8b3fba
Sha256: e17a8838efc819e3009ce6af76552440d1a1ceb279dced3eeefec0b14922d10e
                                        
                                            GET /wp-includes/js/jquery/jquery.js?ver=1.12.4-wp HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Tue, 30 Aug 2022 19:42:25 GMT
Accept-Ranges: bytes
Content-Length: 96873
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (31997)
Size:   96873
Md5:    49edccea2e7ba985cadc9ba0531cbed1
Sha1:   f8747f8ee704d9af31d0950015e01d3f9635b070
Sha256: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
                                        
                                            GET /wp-content/plugins/gravityforms/css/formsmain.min.css?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Sun, 30 May 2021 21:26:47 GMT
Accept-Ranges: bytes
Content-Length: 89527
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1210), with CRLF line terminators
Size:   89527
Md5:    c23a736bdca9fe310bfaeaaaddf6042c
Sha1:   8cf255da80439e466c631b05d7bb0445cc47c2bb
Sha256: 2a8451f7a44eb61c7253efd65625d35e34f2f4f51f445943689eb948066df00f
                                        
                                            GET /wp-content/plugins/gravityforms/css/readyclass.min.css?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:14 GMT
Accept-Ranges: bytes
Content-Length: 30241
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (30241), with no line terminators
Size:   30241
Md5:    4e4b29a8633fb24370dd9961f1bb809c
Sha1:   7b87aa4a403781c59d8b87564d7f00735e7ec923
Sha256: f34635c25f3a1027d5ce9f0216c63202a704536e656c1eeb94dccf488b2cc364
                                        
                                            GET /wp-content/plugins/gravityforms/css/browsers.min.css?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:14 GMT
Accept-Ranges: bytes
Content-Length: 7288
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (7288), with no line terminators
Size:   7288
Md5:    dd1ab0f6fc9aadb5b9b5394cf2bc9c14
Sha1:   fc18b9587b7b2d0628613139354caeb2d75d4b73
Sha256: 2e84eb055418b1d5b659bbc2e6022fe0ae37548287e6717e80cc13a2251e5abf
                                        
                                            GET /wp-content/plugins/gravityforms-groupfields/asset/css/public.css?ver=1.0.2 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Wed, 11 Mar 2020 21:53:40 GMT
Accept-Ranges: bytes
Content-Length: 2926
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   2926
Md5:    d46e8c27a79d1382649f6b123e574cd8
Sha1:   9e15176cc0f0a7ca37ed8ba11c78fdf5995c3248
Sha256: 56bb595dc7adf16eb5fe9ef5599ae4a8061df4d433c5ab4aeb22f8f90328e380
                                        
                                            GET /wp-content/plugins/oxygen/component-framework/vendor/aos/aos.js?ver=1 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Sun, 30 May 2021 21:22:22 GMT
Accept-Ranges: bytes
Content-Length: 27319
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1630), with CRLF line terminators
Size:   27319
Md5:    d8d4f11c1e4db865b68974ab43b5bb41
Sha1:   82dc257951a3f78a2c48a34443dd69c29a160119
Sha256: 16b0350bed2d61f482f73ea8ead1251011bae4334cb1eebaf1badc818a94a6fa
                                        
                                            GET /wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:13 GMT
Accept-Ranges: bytes
Content-Length: 1848
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1848), with no line terminators
Size:   1848
Md5:    827fde8d0de0ba40ab12406eb78b4908
Sha1:   6705762130b2eb5f505ff924b8203ce4f8fd585d
Sha256: 172314ff74044b918766ed4763279b5e8798622087c0a2930f59c9d44662213d
                                        
                                            GET /wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:13 GMT
Accept-Ranges: bytes
Content-Length: 35010
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (35010), with no line terminators
Size:   35010
Md5:    62f94f94c1aa96e1b318f6766bd16647
Sha1:   cc256954eb74303e7939de762cd7674e0358111a
Sha256: 3097d0444becd9d089b52b7074072f19201525de874d0775012572fb375b7838
                                        
                                            GET /wp-content/plugins/gravityforms/js/datepicker.min.js?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:13 GMT
Accept-Ranges: bytes
Content-Length: 1125
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1125), with no line terminators
Size:   1125
Md5:    7158a5798e811bec7c2a36437117ef97
Sha1:   81276ec99fb929b1e7fdeed98de83a50b4309a58
Sha256: 575a3e8fbb4b34e37c6d23363d66c1a2cdcec52e9e60abb360d1b1736808a568
                                        
                                            GET /wp-includes/js/jquery/ui/datepicker.min.js?ver=1.11.4 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:40:43 GMT
Accept-Ranges: bytes
Content-Length: 36172
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (35947)
Size:   36172
Md5:    a236bd4097fcbfb009f64238dc4443a1
Sha1:   ddbeeaa10749e4a74fe624ced0531b9243235dd2
Sha256: 2c3f3b95a692312d9b75815ecb949a40c2a701ff148fe865fde55556c810a22c
                                        
                                            GET /wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:13 GMT
Accept-Ranges: bytes
Content-Length: 7605
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (7605), with no line terminators
Size:   7605
Md5:    0e09bafc55f674b5ab0883be71e1869c
Sha1:   69de6946eb912aef9442d7a02e12ff0958270c58
Sha256: f75166e3f70100b65a6ce1d4128bc15286e92b19a546fa7709f739e9bcfe52c6
                                        
                                            GET /wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Thu, 15 Apr 2021 03:40:43 GMT
Accept-Ranges: bytes
Content-Length: 3929
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (3704)
Size:   3929
Md5:    e6784d91bf2c668bc4093063c5b15113
Sha1:   687e1d2e957a821280dbd205ae66182f16dfdc30
Sha256: 194ebae85ff853319e8668f23a4c5bf371a7d9f5d550a40980ab53026ddaaa17
                                        
                                            GET /wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.4.17.11 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 02 Apr 2021 22:27:13 GMT
Accept-Ranges: bytes
Content-Length: 4639
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (4610)
Size:   4639
Md5:    a39e45502bab7e9e26723e6ab243e8f8
Sha1:   ac62aacd5ee3e7b64ce6a92b5d8e3fb523e34d16
Sha256: d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
                                        
                                            GET /wp-content/plugins/gravityforms-groupfields/asset/js/public.js?ver=1.0.2 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Wed, 11 Mar 2020 21:53:40 GMT
Accept-Ranges: bytes
Content-Length: 1943
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1943
Md5:    a1bbdaf4740b7cf0f5ba04542685462d
Sha1:   62ecd970d0e58b90e0e1b01ae245448505c4d0ae
Sha256: f0d12486bd4c5c543c76c41768ce4c909a4a416a9962ffc12547724d939c1ff9
                                        
                                            GET /wp-content/plugins/gravityformssignature/includes/super_signature/ss.js?ver=3.9 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 16:37:08 GMT
Accept-Ranges: bytes
Content-Length: 29629
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 (with BOM) text, with very long lines (6082), with CRLF line terminators
Size:   29629
Md5:    a52cd101e523152e84cd9a413330e36c
Sha1:   d4d9d43330ba8cc25ff94102b01379204233e0c8
Sha256: 9cadb4c0922ce51f3b4e701c95c4b426db7109f15ef6ae69091b02fd8a219df9
                                        
                                            GET /wp-content/plugins/gravityformssignature/includes/super_signature/base64.js?ver=3.9 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 16:37:08 GMT
Accept-Ranges: bytes
Content-Length: 3065
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   3065
Md5:    d0ac5dbed8e418cc0f38faa86c995c78
Sha1:   5c349aabe3a2838295f7a98d3098ba5be0c013ab
Sha256: 2c2948dc74d82f929f0b0c2d923d661515e5c68916a0dd97987bbefaf5231ecb
                                        
                                            GET /wp-content/plugins/gravityformssignature/js/frontend.min.js?ver=3.9 HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Mon, 18 May 2020 16:37:26 GMT
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (1998), with no line terminators
Size:   1998
Md5:    e8bd49bd8cf5a6987c950f14fa1927ff
Sha1:   4d49f8e5be0d40454c5ca871e8f6d79c62f438b4
Sha256: 4c0a66436975adfcb7c9a6bc1404ebf5ea33dc286d8c739c5f4bd6c74e2885cb
                                        
                                            GET /wp-content/uploads/2021/01/Logo.jpg HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Wed, 13 Jan 2021 10:21:53 GMT
Accept-Ranges: bytes
Content-Length: 17939
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, baseline, precision 8, 317x112, components 3\012- data
Size:   17939
Md5:    9d77218f07c7126a7cf0779d1673b9f1
Sha1:   74b84e83a2dcf2986512c8d90390cf2fee5528f7
Sha256: 0a11dfd7e8fc39002b4a79379d85dcd0705491fdc575ba83fe28a1920878727b
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /gtm.js?id=GTM-P93XGSL HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 09 Nov 2022 07:20:43 GMT
expires: Wed, 09 Nov 2022 07:20:43 GMT
cache-control: private, max-age=900
last-modified: Wed, 09 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 77058
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4149)
Size:   77058
Md5:    cb6c203689260fc31fe297935b035431
Sha1:   74cec70e83a71b9d16fca38f94b3f13bda2ed99b
Sha256: 5e765895ce74de93d52c8b459226c08f58c709bfb75e6afaf9271fa6a54a555c
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /wp-content/uploads/2021/05/cropped-Untitled-design-11-32x32.png HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 18 Jun 2021 14:30:34 GMT
Accept-Ranges: bytes
Content-Length: 1302
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size:   1302
Md5:    11c9f4633586c27c0020ec6d168ddbb4
Sha1:   01a5768ecea3240049b100b04371adc8ed69d4ce
Sha256: 3628d443d28e3ea23fea28cfe7e69ad75e2d460f78be32b2034c293fb497a03e
                                        
                                            GET /wp-content/plugins/gravityformssignature/includes/super_signature/refresh.png HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Wed, 19 Aug 2020 00:42:51 GMT
Accept-Ranges: bytes
Content-Length: 1091
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 150 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size:   1091
Md5:    b9a90290e6150235b1094b65d9471bb1
Sha1:   16cad9f0d77f29b60bdb2f5f00b47520478bb509
Sha256: b7b55fad63c2148f3f8f6559923bf00317a1b7668e8ce15f94f04b495e8c567c
                                        
                                            GET /wp-content/uploads/2021/05/cropped-Untitled-design-11-192x192.png HTTP/1.1 
Host: nationaltaxhelpline.co.uk
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/claim-now-af1/?src=lola&utm_affid=15451-276161076&utm_clickid=4762
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         109.203.126.150
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Server: Apache
Last-Modified: Fri, 18 Jun 2021 14:30:34 GMT
Accept-Ranges: bytes
Content-Length: 10073
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   10073
Md5:    993cc691fec5b940d462d4d8064dc44d
Sha1:   4a7d23ccb6ceb4e6c575499829c0eea9b80d8e56
Sha256: fc9e075458825a50cc00658a9541a9546e09da207a181fed6e42ca86113d04cf
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4211
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 07:20:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4211
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 07:20:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4211
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 07:20:43 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "89CC50A881FF8FAE94B7BFA2732D133DF59BAE06680F6D2147281EE7BF8AB00B"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4211
Expires: Wed, 09 Nov 2022 08:30:54 GMT
Date: Wed, 09 Nov 2022 07:20:43 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa0adf10c-d2d8-4768-a99e-671dd205fa5f.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9741
x-amzn-requestid: 19706043-9952-4148-bf73-815d2b80f88a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKom8FixIAMFjzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675492-26d889196e698552262b0ef6;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 06:30:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: uPmbLJ6IBuTrkBSsDauIJ7Fhley63BN_Nrwv_AhX7KPHZdUWXIuy3w==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 16:46:40 GMT
age: 52443
etag: "dd74707d8871dd800aa29bda2edc6105bd00adf6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9741
Md5:    10699bfbe3966b42cce253bfd3c09d0d
Sha1:   dd74707d8871dd800aa29bda2edc6105bd00adf6
Sha256: 26b571dbe9c885db2a2a6ae4e4a432b843a2815fb34ec976db7a3e6148a4dc8e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0cb56270-7d8d-4ba2-bc30-de736a42e1dd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12796
x-amzn-requestid: 31108e5a-3c69-4b62-99ea-1816df71a2aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bKuDcEzooAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63675d49-708c32857b683c5a39046202;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 07:07:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hRbYl8z9BgnFvtV-7f14N5JoCSebFBrKB7-seyEJAFPN628ccXDjLw==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 07:50:50 GMT
age: 84593
etag: "c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12796
Md5:    bb3fe96fee7d9da0905d9d565b44fc32
Sha1:   c0d68e81500af89bb4a3ac2c9bf010d941f7b5ee
Sha256: 2b602aa92c61c060a0cfa9b13a7bbbcb65388b91559702c4d509bf199cf30bed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff66bafec-6420-4aea-8b22-96b8fe0d292b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8154
x-amzn-requestid: 1d9d6e13-69a4-473d-af4b-ef3d4382f3ca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTU2EyZoAMF94w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc1e-0dec203434f42df01d9a1182;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: GWFybdPyZxzujAi9urpfQ_1HZCiJpmxpzg6j7a2gwdZ5E89xfc1MXg==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:54:55 GMT
age: 33948
etag: "8cafda5659f5b36c855a2bbcaeb03aa715ddeebd"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8154
Md5:    c69b19d2273c3ade32fd0797921c0459
Sha1:   8cafda5659f5b36c855a2bbcaeb03aa715ddeebd
Sha256: d78b92e1175207b1179c85f9490f937e1647aeae3fe95cf8b3dc336db232945e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1b197dc2-1415-4c19-8d36-1fa334168ba5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9313
x-amzn-requestid: be3f6b0f-cf61-4bec-ad1a-87abdbc45d73
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTwF5AoAMFZAw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-5ca45b5b1065a4ea492f2ac6;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: SEA19-C3, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9lVY7YgQQ0FAP3ItgCSWePY0Msd4RIyBz4eNPc-K51BtnWUjOObv6g==
via: 1.1 31dfa94142c6eaf975b0e5454c00340a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:43 GMT
etag: "9265cae98aa663a5498925b70079abdd8e7031fd"
age: 34620
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9313
Md5:    29429581f8dc762c69c5916009f70080
Sha1:   9265cae98aa663a5498925b70079abdd8e7031fd
Sha256: c3deee74c80905a1e92b84868b9987cb30ad7a210dca066b97c325cc2c83872e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F609c6c88-4535-488a-8bf4-de0e93b9ae31.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10822
x-amzn-requestid: 1b1e2dfc-4096-45cf-adb3-58f0b1d614bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bEAXHFhroAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364adc6-7b94977b4143970a48bc1857;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 06:14:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: vzUPLMO4CDywKUQvQ9gbltVLYlNher7ZTXYC9A00LfwycdEmG7m9wg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 04:21:46 GMT
age: 10737
etag: "e26769d82108f89057b05096061f1276d34e223a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10822
Md5:    86ec3f22045de1a100eccf27d91593ae
Sha1:   e26769d82108f89057b05096061f1276d34e223a
Sha256: b863d19ab12945922b4d014c517f5ffe349cefe2bbe1c2f16661371f22378cbd
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Q0yZmbExDP4tH0n1n2qj_NR2Mv_y_dsO0LJ1RKZoS6Me-NLbhpUWqw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 09:08:56 GMT
age: 79907
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10462
Md5:    4e2853cc6ec6223160471401e6871f4b
Sha1:   f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
Sha256: bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6493
Cache-Control: max-age=116154
Date: Wed, 09 Nov 2022 07:20:43 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 15:36:37 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 09 Nov 2022 06:41:09 GMT
expires: Wed, 09 Nov 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 2374
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         204.79.197.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11367
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ranges: bytes
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
set-cookie: MUID=165AC355EF2D61681BE5D102EED860F1; domain=.bing.com; expires=Mon, 04-Dec-2023 07:20:43 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 263CF52521E04639BC26314020BB0634 Ref B: OSL30EDGE0210 Ref C: 2022-11-09T07:20:43Z
date: Wed, 09 Nov 2022 07:20:43 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38826), with no line terminators
Size:   11367
Md5:    293ae3e0fc8b0d5c143fdf9d8490228d
Sha1:   3976c659b908e70818a3a1ac71860b497fe2d1a9
Sha256: 04a840d967ae836e14179bde574cabf14a1fc871182ca0f8193e7a0b06c727ab
                                        
                                            GET /en_US/fbevents.js HTTP/1.1 
Host: connect.facebook.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.12
HTTP/2 200 OK
content-type: application/x-javascript; charset=utf-8
                                        
vary: Accept-Encoding
content-encoding: gzip
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: KzW/gux0XFjohQan21/9fes0YcNsV5GMaAtwenZI9DeCc3bbbrvIC5NLhM1AmItNjXre5IEu0UcsRWgirIYx7g==
content-length: 27337
x-fb-trip-id: 1904183273
date: Wed, 09 Nov 2022 07:20:43 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (64348)
Size:   27337
Md5:    0ac10debd3a9ea8147a26d045bb93e6e
Sha1:   ff45f3442508e8695f2303701682ebdb6e016464
Sha256: 5dee7b453b2c72c07ff1d62432493a044507835a8031ea62edf2fa7cc26219b9
                                        
                                            GET /pagead/viewthroughconversion/376354161/?random=1667978440535&cv=11&fst=1667978440535&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fnationaltaxhelpline.co.uk%2Fclaim-now-af1%2F%3Fsrc%3Dlola%26utm_affid%3D15451-276161076%26utm_clickid%3D4762&ref=http%3A%2F%2Fserviceclub.solutions%2F&tiba=Claim%20Now%20-%20National%20Tax%20Helpline&auid=1026774672.1667978441&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.130
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 07:20:43 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 949
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 09-Nov-2022 07:35:43 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2099), with no line terminators
Size:   949
Md5:    d2af067554bebddcd51186beb4d0cdde
Sha1:   a4f554be1b46f773218fe30a95e957e585281405
Sha256: 61f12c688cef1be96da0a434c57c87573f4c1aafa4909f2a92941a57e65ade20
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3751
Cache-Control: max-age=113412
Date: Wed, 09 Nov 2022 07:20:43 GMT
Etag: "636a5e28-1d7"
Expires: Thu, 10 Nov 2022 14:50:55 GMT
Last-Modified: Tue, 08 Nov 2022 13:48:24 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /action/0?ti=56362249&tm=gtm002&Ver=2&mid=2372f62b-53d4-4a49-85e4-868adac84c63&sid=0403b0a05fff11ed98f791029b60383b&vid=0403d4505fff11eda285df31e8a07763&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Claim%20Now%20-%20National%20Tax%20Helpline&p=https%3A%2F%2Fnationaltaxhelpline.co.uk%2Fclaim-now-af1%2F%3Fsrc%3Dlola%26utm_affid%3D15451-276161076%26utm_clickid%3D4762&r=http%3A%2F%2Fserviceclub.solutions%2F&lt=2356&evt=pageLoad&sv=1&rn=35864 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=3EC326256716660D0993347266E3672E; domain=.bing.com; expires=Mon, 04-Dec-2023 07:20:43 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A889641E2C7144E39320388A6368AE5B Ref B: OSL30EDGE0210 Ref C: 2022-11-09T07:20:43Z
date: Wed, 09 Nov 2022 07:20:43 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/376354161/?random=1667978440535&cv=11&fst=1667977200000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fnationaltaxhelpline.co.uk%2Fclaim-now-af1%2F%3Fsrc%3Dlola%26utm_affid%3D15451-276161076%26utm_clickid%3D4762&ref=http%3A%2F%2Fserviceclub.solutions%2F&tiba=Claim%20Now%20-%20National%20Tax%20Helpline&fmt=3&is_vtc=1&random=1809736776&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.164
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 07:20:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/376354161/?random=1667978440535&cv=11&fst=1667977200000&bg=ffffff&guid=ON&async=1&gtm=2wgb70&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fnationaltaxhelpline.co.uk%2Fclaim-now-af1%2F%3Fsrc%3Dlola%26utm_affid%3D15451-276161076%26utm_clickid%3D4762&ref=http%3A%2F%2Fserviceclub.solutions%2F&tiba=Claim%20Now%20-%20National%20Tax%20Helpline&fmt=3&is_vtc=1&random=1809736776&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.35
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 09 Nov 2022 07:20:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.35
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Wed, 09 Nov 2022 07:20:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /p/action/56362249.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: private,max-age=1800
set-cookie: MUID=24AAE24552DF6D422E0EF012532A6CA1; domain=.bing.com; expires=Mon, 04-Dec-2023 07:20:43 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 37C370A6466F4469AABCD5D140E10CF1 Ref B: OSL30EDGE0210 Ref C: 2022-11-09T07:20:43Z
date: Wed, 09 Nov 2022 07:20:43 GMT
X-Firefox-Spdy: h2

                                        
                                            GET /tr/?id=251107796760460&ev=PageView&dl=https%3A%2F%2Fnationaltaxhelpline.co.uk%2Fclaim-now-af1%2F%3Fsrc%3Dlola%26utm_affid%3D15451-276161076%26utm_clickid%3D4762&rl=http%3A%2F%2Fserviceclub.solutions%2F&if=false&ts=1667978440886&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.2.1667978440886.1904113935&it=1667978440689&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://nationaltaxhelpline.co.uk/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Wed, 09 Nov 2022 07:20:44 GMT
X-Firefox-Spdy: h2