claimyourcovidtaxrebate.com/
3.33.152.147301 Moved Permanently 83 B URL HTTP/1.1 claimyourcovidtaxrebate.com/
IP 3.33.152.147:0
File type HTML document, ASCII text
Hash 4287abcd43a8b15cfa746890c860a78e
d986193887ee833099ddbd006b3c7e7a0ca1d733
0b63993cbc0e12618bf5b32b26c633ebaebd68f068263c291b698c8532a3c997
NIDS Severity Alert suricata medium ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1
GET / HTTP/1.1
Host: claimyourcovidtaxrebate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 11:23:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 83
Connection: keep-alive
Location: https://taxrebatespecialists.com/q7xclgti/ercapp
Server: ip-100-74-3-20.eu-west-2.compute.internal
X-Request-Id: ec2750fb-0f47-4962-baed-3921018cee73
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7273
Expires: Wed, 29 Mar 2023 13:24:23 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2976
Expires: Wed, 29 Mar 2023 12:12:46 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 10:28:09 GMT
content-type: application/json
age: 3301
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Wed, 29 Mar 2023 12:10:48 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: p1C2gR/LO0wavNS8icmZ5EXJuOPOCfDt2SnZzo35IpbhGyrDyv7q6CCrkls3lNc5HApKIIJyrN4iRoXjtrNyFA==
x-amz-request-id: H7Y3TMT9VTYK04K6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 11:02:28 GMT
age: 1242
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 11:23:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a740252e7b24892a3e34f6dfed6e3bde
d44d21abb95edd1ccc775632254f11ee94fb585e
e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94"
Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12995
Expires: Wed, 29 Mar 2023 14:59:45 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4744c449aaa7c8882cc3caf056b3afcc
e699706783c170da43e788a7ff93d1cc3675ba66
37f1a26b4446e6676d6f4e441ed4453ef63d3ed898d4500f028190856694a9f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37F1A26B4446E6676D6F4E441ED4453EF63D3ED898D4500F028190856694A9F9"
Last-Modified: Mon, 27 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Wed, 29 Mar 2023 17:22:44 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Pragma, Last-Modified, Retry-After, Expires, Cache-Control, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 11:17:26 GMT
age: 344
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JT5ZAN6ARx1M07J9CBNj7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IT777tlvVBQDEW+VAvrjhGs2tag=
Date: Wed, 29 Mar 2023 11:23:10 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
taxrebatespecialists.com/q7xclgti/ercapp
159.203.118.151200 OK 7.0 kB URL HTTP/1.1 taxrebatespecialists.com/q7xclgti/ercapp
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash d00a70fc75634bc3b55306805b6fb90a
42ae5c5eb361dfa2b5de6518a097af36ac3d178d
5824835a9f1d4877c06de76628006818d208928ceed6a825a5014559099dcd99
GET /q7xclgti/ercapp HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:10 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "91c7-5f6de9845c4ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 6955
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css
69.16.175.10200 OK 8.4 kB URL HTTP/2 code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css
IP 69.16.175.10:0
File type ASCII text, with very long lines (2363)
Hash b0be9c684e7f2e9f5a7d13bb686fd5b3
d19c38a845691a804999059627fcc95b65469453
eaf5b79416cb6424a589dfcffdf9cac1c0ea065b77b477186a408165a9ff6dbf
GET /ui/1.13.2/themes/base/jquery-ui.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-encoding: gzip
content-length: 8356
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-8d03"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680088991.dop218.sk1.t,1680088991.cds262.sk1.hn,1680088991.cds225.sk1.c
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
104.17.25.14200 OK 17 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65317)
Hash 9148604f45c79d0647780dcde7080ed2
cee3c969d936e06019ab44a9eebd549b9e25c0af
332fb8271e3e531a2064f4638d531a1b6c7aab5c4496d62edb753dac0fcb2c4c
GET /ajax/libs/font-awesome/6.1.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-type: text/css; charset=utf-8
content-length: 17188
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62deef96-4324"
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18802234
expires: Mon, 18 Mar 2024 11:23:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI2SNESPWR3p8ZED8nMZGwjw1HbN%2BWWkB2c0sDYD6QFDBdCUjsGXTRD%2Ba%2FrT6QnQXZPdYqqSGuYCLZgERYJfngjkKYTkIERyNFRe9A5rEP3vmOCMvVaANhusCQeds69y%2BOfcWGi%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7af7bd424a9bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.6.0.js
69.16.175.10200 OK 85 kB URL HTTP/2 code.jquery.com/jquery-3.6.0.js
IP 69.16.175.10:0
Hash 416559bad4fc1149eba631e644a23a6e
20f8f18f94c74dbc1bde934719cbfa87d51828cf
37508a443be057a2fab1c4eee8d03632f406eaed15d09a26ac8dabe7877616e2
GET /jquery-3.6.0.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-encoding: gzip
content-length: 84714
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-46744"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680088991.dop218.sk1.t,1680088991.cds262.sk1.hn,1680088991.cds214.sk1.c
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
taxrebatespecialists.com/js/client.js
159.203.118.151200 OK 368 B URL HTTP/1.1 taxrebatespecialists.com/js/client.js
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash 2e37e405fc54622540d4e02ce314ffef
1c46cc31eefe86f3861358fa20ee674277a42145
494208bd1ae432717dd19ecc1aa30aac834878d29475bb5decdc367b2c2d79a8
GET /js/client.js HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "251-5f6de9845c4ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 368
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
216.58.207.234200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 216.58.207.234:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 19:08:57 GMT
expires: Sat, 23 Mar 2024 19:08:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 404054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
taxrebatespecialists.com/css/uploadfile.css
159.203.118.151200 OK 1.2 kB URL HTTP/1.1 taxrebatespecialists.com/css/uploadfile.css
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type assembler source, ASCII text
Hash 8a23dd0b8c0b01d33619767524fca4be
03fd56a1a990a012912514b63f7af2c154978f58
f18c4f9c810018ac403eefcf012024c4bca00f206a4540963671e986db2069b1
GET /css/uploadfile.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "11b7-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 1183
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
taxrebatespecialists.com/js/jquery.uploadfile.min.js
159.203.118.151200 OK 6.1 kB URL HTTP/1.1 taxrebatespecialists.com/js/jquery.uploadfile.min.js
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash 771296b03049754d422dcb7f45cc8c75
0e67387fadd4f48cf494d39a764cbf3059e48f88
73dfe039437ff0d5cde566b0de95b44cd46ea22a92dffbbb9aed6b2f6c9b47a8
GET /js/jquery.uploadfile.min.js HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "6cd8-5f6de9845c4ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 6080
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
taxrebatespecialists.com/css/normalize.css
159.203.118.151200 OK 2.7 kB URL HTTP/1.1 taxrebatespecialists.com/css/normalize.css
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash 9333bec2f7e3e283ab0e4a6f0f71445b
5e8d8f7283bdc12af3d35af7cba44e81b1e7be4d
f9c6ed14b3b081702ae90d64a5f50a99b7c84bd9bb0534c5bff15ba07a837783
GET /css/normalize.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1e5c-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 2664
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
malsup.github.io/jquery.form.js?_=1680089014103
185.199.110.153200 OK 12 kB URL HTTP/2 malsup.github.io/jquery.form.js?_=1680089014103
IP 185.199.110.153:0
Hash 66e988165ab37a3b60f0928f40bd67da
8eaadb4a1f891ab5c6249c474340ca8024abc300
ba3122f330907b024e53d381793013aae1a98fe82bf758610450eae958c52995
GET /jquery.form.js?_=1680089014103 HTTP/1.1
Host: malsup.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sun, 03 May 2015 16:16:14 GMT
access-control-allow-origin: *
etag: W/"554649ce-ab74"
expires: Mon, 13 Mar 2023 22:38:25 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 2144:6CDA:2064770:21B6A48:640FA948
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:23:11 GMT
via: 1.1 varnish
age: 162
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1680088991.459984,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 7b77ed62aced2d47e28079a55c4461231e48b3a3
content-length: 12365
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
taxrebatespecialists.com/assets/index.31360fc2.css
159.203.118.151200 OK 2.1 kB URL HTTP/1.1 taxrebatespecialists.com/assets/index.31360fc2.css
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (8670)
Hash 2b061d3dab0bd28d9fddf6c3fef7124b
2be35548be35144e679edd42113bd5be84ab5e13
5e8c7deb2df769d1198ed50a9cc6f2fccd2e34f1328897d9625dea89db81bc4b
GET /assets/index.31360fc2.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "21df-5f6de9845574a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 2079
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.227200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 33868, version 1.0\012- data
Hash a55fefd02b25a2cb141efe2d17776d60
ba132269410be55bbd81032011d5904ceb33bc64
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc
GET /s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33868
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:46 GMT
expires: Sat, 23 Mar 2024 10:26:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Mar 2023 21:37:56 GMT
content-type: font/woff2
age: 435385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
taxrebatespecialists.com/css/trs-style.css
159.203.118.151200 OK 19 kB URL HTTP/1.1 taxrebatespecialists.com/css/trs-style.css
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (2567)
Hash 3bf139a02509744ba4e9f48d7e1fcebf
258601323bcfbf169f9ecbe929bb7806134ae7be
480794091f54b20bb32fd0fd4d47e8e773daa8ed2bd63b32c49b44cb2e3bf9e5
GET /css/trs-style.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1ee56-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 19192
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
taxrebatespecialists.com/css/affiliates.css
159.203.118.151200 OK 1.5 kB URL HTTP/1.1 taxrebatespecialists.com/css/affiliates.css
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash bc0df6c3747dcb37cd2b980fecb1aeb7
efba17e6ef2a38d897efe49503d38d19f67c344e
a39766d42501650cf910b9b89464a05c292373f6ef159beb1307e04075902f8e
GET /css/affiliates.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1284-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 1537
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
taxrebatespecialists.com/css/style.min.css
159.203.118.151200 OK 12 kB URL HTTP/1.1 taxrebatespecialists.com/css/style.min.css
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (43771)
Hash 83cd92e15912583b5fa6ba2598e4872e
a1d189aafcbbfbafc97521f406d1981ce32bae11
ef4c4f345f7a1650d1b9b04d78742eb0bf5099e4039b5e766fac3cc322300ce4
GET /css/style.min.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "15b2d-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 11682
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
34.120.237.76200 OK 9.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6bd3d6c290e2be5effe451fddc92288
456c678dd0b64d84021c41383a534afeaa4d7af0
3d645c8b903b9f5593d068feb00b1c04cf8444ed78a292458e69d5c553cb1691
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 9a919196-e536-4ef7-a2b2-9637aa75abff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ceq6FGAJIAMF7Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64228b73-769c33f459c985ab427ed47b;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 06:38:43 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: EFPuF3xknmH1frUX8bIJXNMjLoHEk_0V9Jd5sNxj16MR5cun53Xe1A==
via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:30:02 GMT
age: 46390
etag: "456c678dd0b64d84021c41383a534afeaa4d7af0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 49117
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:37:00 GMT
age: 49572
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 49155
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 23:09:21 GMT
age: 44031
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab378a6531b886829e1762f72866500
9509f3e388d0f2627468b5ff8afd408eb19297a4
9535702379130bbc5e3439b2c226d3d8c51c6ee07690e64cbccf71e49085615c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9886
x-amzn-requestid: efa3e368-7941-467c-a4d7-f303b50a32a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK848FbOoAMFnXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa838-5357cad3565e7b230505442f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UjD8avDwm-zEFik18U34bWU06SOeb-fBjelZcoGyzcie0Z1CAj6JUQ==
via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 18:08:57 GMT
age: 62055
etag: "9509f3e388d0f2627468b5ff8afd408eb19297a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
taxrebatespecialists.com/assets/index.db0e370f.js
159.203.118.151200 OK 495 kB URL HTTP/1.1 taxrebatespecialists.com/assets/index.db0e370f.js
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (40327)
Size 495 kB (494909 bytes)
Hash ee0cea4d0939e7e0cef0135d1a201810
239b1e9edfa12cc556fb05f8aec19176d49381a1
00e8a24840e51f1a74bfdb859f86eb8f0146d56d28448a4c88e0a95268383725
GET /assets/index.db0e370f.js HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1bf425-5f6de9845574a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
taxrebatespecialists.com/images/favicon.png
159.203.118.151200 OK 1.8 kB URL HTTP/1.1 taxrebatespecialists.com/images/favicon.png
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 4462beb3ed28278477196560ebedcb06
5dbbb24229356dc3ddf976ac9f1ee0eb5b47d09f
32bf44c10c8eba684c56dd6a53da12132b97b1b738188e8d2c0642ca96ab005e
GET /images/favicon.png HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "6e9-5f6de9845862a"
Accept-Ranges: bytes
Content-Length: 1769
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
taxrebatespecialists.com/images/webclip.png
159.203.118.151200 OK 16 kB URL HTTP/1.1 taxrebatespecialists.com/images/webclip.png
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Hash 04efb847d19b12d1994c3ab57763a2d9
8fd515afaef6de054a847772c3ca1d20231749c5
82f3caf2ab203c54b1ed838c7c2c60e2bfa6c43c19e1a7d2d8fef0c15c101fb9
GET /images/webclip.png HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "3dc8-5f6de9845c4ab"
Accept-Ranges: bytes
Content-Length: 15816
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5647319f227feadab31954abce5a72a
aae914e77b3d7a0425df6cfe3cb36bc1677bfaff
c085064d49062f8c45173291ebcb6d22642d8575efb60487884a8227fe8e2e0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085064D49062F8C45173291EBCB6D22642D8575EFB60487884A8227FE8E2E0E"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Wed, 29 Mar 2023 17:22:44 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5647319f227feadab31954abce5a72a
aae914e77b3d7a0425df6cfe3cb36bc1677bfaff
c085064d49062f8c45173291ebcb6d22642d8575efb60487884a8227fe8e2e0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085064D49062F8C45173291EBCB6D22642D8575EFB60487884A8227FE8E2E0E"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 29 Mar 2023 17:23:14 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c5647319f227feadab31954abce5a72a
aae914e77b3d7a0425df6cfe3cb36bc1677bfaff
c085064d49062f8c45173291ebcb6d22642d8575efb60487884a8227fe8e2e0e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085064D49062F8C45173291EBCB6D22642D8575EFB60487884A8227FE8E2E0E"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Wed, 29 Mar 2023 17:22:50 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8116afdb349fdc7a97bb3ba2eddc07e1
aef4fe946d942e86a79337f4a74a7a8675417648
417a26537989029794c00a3419cb1382a72e920fff419c0c26a3eb55baa5dcdb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417A26537989029794C00A3419CB1382A72E920FFF419C0C26A3EB55BAA5DCDB"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21564
Expires: Wed, 29 Mar 2023 17:22:38 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive
apiv2.taxrebatespecialists.com/applications/affiliatevalidator
159.203.118.151204 No Content 0 B URL HTTP/1.1 apiv2.taxrebatespecialists.com/applications/affiliatevalidator
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /applications/affiliatevalidator HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: authorization,content-type
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
apiv2.taxrebatespecialists.com/customizer/1
159.203.118.151204 No Content 0 B URL HTTP/1.1 apiv2.taxrebatespecialists.com/customizer/1
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /customizer/1 HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 204 No Content
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: authorization
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6832c9d3acf00d1b8b0c0fbdc39e653d
b70716cf3b7ec049f1032036c518577abe21b4be
bb95d272fb10f75c78ed1b8eb63fadbac5c81909c00116a4638054c9869cca91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB95D272FB10F75C78ED1B8EB63FADBAC5C81909C00116A4638054C9869CCA91"
Last-Modified: Wed, 29 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21537
Expires: Wed, 29 Mar 2023 17:22:11 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive
apiv2.taxrebatespecialists.com/customizer/1
159.203.118.151200 OK 128 B URL HTTP/1.1 apiv2.taxrebatespecialists.com/customizer/1
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 4acba228bae90b6a2c68d821286f89ad
856d3aba2fa674986f523c692fc740b595b89e21
0e0e016774b305215aded8dba23263f95386e492caa4eae72d54f66bbb6ac6e7
GET /customizer/1 HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.sa1ZMaEWAHUoTTT8fCB7ciTFViC9koZqc10TlwzRxpk
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Content-Length: 128
ETag: W/"80-hW06ui+mdJhvUjxpL8dAtZW4niE"
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
apiv2.taxrebatespecialists.com/applications/affiliatevalidator
159.203.118.151200 OK 51 B URL HTTP/1.1 apiv2.taxrebatespecialists.com/applications/affiliatevalidator
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 86629378786e9971e9292fef17d23d4f
a5c53909c3d17239efaab68dd863fa9fb7825572
21e16128eceecbbaa0f518dd374988977f362998d92d565b9f60ade4dddfe51a
POST /applications/affiliatevalidator HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.sa1ZMaEWAHUoTTT8fCB7ciTFViC9koZqc10TlwzRxpk
Content-Length: 24
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Content-Length: 51
ETag: W/"33-pcU5CcPRcjnvqraN2GP6n7eCVXI"
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
api.taxrebatespecialists.com/activity.php
159.203.118.151200 OK 0 B URL HTTP/1.1 api.taxrebatespecialists.com/activity.php
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /activity.php HTTP/1.1
Host: api.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6832c9d3acf00d1b8b0c0fbdc39e653d
b70716cf3b7ec049f1032036c518577abe21b4be
bb95d272fb10f75c78ed1b8eb63fadbac5c81909c00116a4638054c9869cca91
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB95D272FB10F75C78ED1B8EB63FADBAC5C81909C00116A4638054C9869CCA91"
Last-Modified: Wed, 29 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Wed, 29 Mar 2023 17:22:20 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive
api.taxrebatespecialists.com/activity.php
159.203.118.151200 OK 0 B URL HTTP/1.1 api.taxrebatespecialists.com/activity.php
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /activity.php HTTP/1.1
Host: api.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Content-Type: application/json
Content-Length: 63
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
api.taxrebatespecialists.com/retrieveprequal.php?affiliate=q7xclgti
159.203.118.151200 OK 0 B URL HTTP/1.1 api.taxrebatespecialists.com/retrieveprequal.php?affiliate=q7xclgti
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /retrieveprequal.php?affiliate=q7xclgti HTTP/1.1
Host: api.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
taxrebatespecialists.com/images/TRS-Logo-White-Horizontal.svg
159.203.118.151200 OK 16 kB URL HTTP/1.1 taxrebatespecialists.com/images/TRS-Logo-White-Horizontal.svg
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 7268912ac892560ddd0ca60287387870
4c3bdd86ddd16a9f6ce3d4e601afb1caf56fcfce
9e295bddc8df7e5945e15483cc4fe86fa65d4ca5dc98b9e5bf0524b0ecc35b11
GET /images/TRS-Logo-White-Horizontal.svg HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "3ee1-5f6de9845768a"
Accept-Ranges: bytes
Content-Length: 16097
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
taxrebatespecialists.com/images/trs-logo-color.svg
159.203.118.151200 OK 15 kB URL HTTP/1.1 taxrebatespecialists.com/images/trs-logo-color.svg
IP 159.203.118.151:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6b9dc6294834f7f3cb98a6384bd588ed
9d9c3de4fc40d96f5ad012581144661c381c25d1
370de1af96c412f446d18d8ac1c6480990313c9d49997af8ccc9a701dad1bb3a
GET /images/trs-logo-color.svg HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 29 Dec 2022 01:00:08 GMT
ETag: "3b8c-5f0ed01a24575"
Accept-Ranges: bytes
Content-Length: 15244
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
code.jquery.com/ui/1.13.2/jquery-ui.js
69.16.175.10200 OK 0 B URL HTTP/2 code.jquery.com/ui/1.13.2/jquery-ui.js
IP 69.16.175.10:0
GET /ui/1.13.2/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-encoding: gzip
content-length: 126267
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-81307"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680088991.dop218.sk1.t,1680088991.cds262.sk1.hn,1680088991.cds214.sk1.c
X-Firefox-Spdy: h2