Report - claimyourcovidtaxrebate.com/

Report Overview

Submitted URL
claimyourcovidtaxrebate.com/
IP
3.33.152.147
ASN
#16509 AMAZON-02
Submitted
2023-03-29 11:23:21
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
malsup.github.io	46665	2013-04-11T13:15:03Z	2023-03-27T23:14:06Z	391 B	13 kB	185.199.110.153
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T18:12:03Z	5.4 kB	14 kB	23.36.77.32
code.jquery.com	634	2012-05-21T19:28:02Z	2023-03-29T18:12:45Z	1.2 kB	94 kB	69.16.175.10
ajax.googleapis.com	12905	2013-08-16T11:51:31Z	2023-03-29T23:40:59Z	399 B	6.4 kB	216.58.207.234
api.taxrebatespecialists.com	unknown	2022-07-20T06:23:04Z	2023-03-19T03:25:18Z	1.5 kB	1.4 kB	159.203.118.151
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T18:24:36Z	413 B	5.9 kB	34.160.144.191
cdnjs.cloudflare.com	235	2015-04-17T22:46:33Z	2023-03-29T22:30:57Z	418 B	18 kB	104.17.25.14
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T23:11:09Z	500 B	35 kB	216.58.207.227
apiv2.taxrebatespecialists.com	unknown	2022-08-08T23:29:29Z	2023-02-06T03:03:10Z	2.3 kB	2.0 kB	159.203.118.151
claimyourcovidtaxrebate.com	unknown	2023-03-22T12:02:56Z	2023-03-28T11:12:48Z	359 B	399 B	3.33.152.147
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T18:13:46Z	333 B	391 B	34.117.237.239
taxrebatespecialists.com	unknown	2022-06-23T20:42:01Z	2023-03-22T12:03:01Z	5.7 kB	602 kB	159.203.118.151
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T22:30:19Z	3.2 kB	58 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T18:14:38Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T18:37:20Z	606 B	238 B	34.117.65.55
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T18:12:02Z	3.1 kB	6.3 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-29 11:23:32	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-03-29 11:23:32	medium	Client IP	Internal IP	ET HUNTING Suspicious Domain Request for Possible COVID-19 Domain M1
2023-03-29 11:23:32	medium	Client IP	3.33.152.147	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (13)

	URL	Size	First Seen	Last Seen
	taxrebatespecialists.com/q7xclgti/ercapp	409 B	2023-03-29	2023-03-29
Pretty URL taxrebatespecialists.com/q7xclgti/ercapp IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash 815818b46f754282cb84f9c845f6ac96 8c8028a1185d5ae3c13478783ca1425c87baee6e 5e31fc87e4f95cf297328aa48c01849e1215f025aa0915c35356e5225b4798dc Loading...

	malsup.github.io/jquery.form.js?_=1680089014103	44 kB	2023-03-07	2024-04-17
Pretty URL malsup.github.io/jquery.form.js?_=1680089014103 IP 185.199.110.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:42 Last Seen2024-04-17 17:40:46 Times Seen573 Hash 08a24670beb2eae7ef79a6d5ac23874b eca8a1978457941622833130e92b9b274e2b3a36 3a16fd80d67008f1c947cf93ebb20e2af2ed1a6317e194d35ed15046076c4211 Loading...

	taxrebatespecialists.com/q7xclgti/ercapp	442 B	2023-03-29	2023-03-29
Pretty URL taxrebatespecialists.com/q7xclgti/ercapp IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash 60086e1bae9804c6906da9d8782b2256 2db95379fc4502b6ddb7d3411a91d6bfd93c4605 ebb03ba4163aa3239b1bb400fdf291f224e9b980a492a56ac486b3c8a6e6019e Loading...

	taxrebatespecialists.com/q7xclgti/ercapp	2.0 kB	2023-03-29	2023-08-07
Pretty URL taxrebatespecialists.com/q7xclgti/ercapp IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-08-07 18:04:40 Times Seen2 Hash 82ee28d625a5a648883f673af1506ed8 3725ca07932ee3316458582d0460011dea3c40ac 8dfcbe8d8e25ecaa1cb171e6c6ffe46fa2781863c0cf681f143c5377193c7203 Loading...

	taxrebatespecialists.com/js/client.js	593 B	2023-03-29	2023-03-29
Pretty URL taxrebatespecialists.com/js/client.js IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash 68b8e4752d63653d0045cf157c4be2e3 55837afbccf59dca82387306d3b8092ba775fff4 677742e7ef7d5cbd792b7284b860e1e5e237b808a6ca26a0ed5efa86c4f61f92 Loading...

	taxrebatespecialists.com/js/jquery.uploadfile.min.js	28 kB	2023-03-29	2023-03-29
Pretty URL taxrebatespecialists.com/js/jquery.uploadfile.min.js IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash e0282b1a3121cf02fd0528ae1acf1f57 65903379de3ca63f1eb217c3e297ed95fe7701bd b31a15aefac6ad605c307a3cc87f287807821ddcd31df3c83a60cc7ee0abe0b8 Loading...

	taxrebatespecialists.com/q7xclgti/ercapp	120 B	2023-03-29	2023-03-29
Pretty URL taxrebatespecialists.com/q7xclgti/ercapp IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash 3ce4c9f02fccbec192955977e5e2727e 8ba85ed4e7177dddac40585c515e76833103d569 08f043efa6c369b8ced944de7d52b0c6f2109132f9f173af903f221e2457957d Loading...

	taxrebatespecialists.com/q7xclgti/ercapp	294 B	2023-03-09	2024-01-14
Pretty URL taxrebatespecialists.com/q7xclgti/ercapp IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 02:55:30 Last Seen2024-01-14 22:56:22 Times Seen17 Hash d6662dd096d04b3e74cf5135ad974966 1c18264bebda318c740e6d47904f5606b509c1a3 f0bf885e018809719d566099c6cb04f59e8f553a0720fa82f925b97007789c4e Loading...

	taxrebatespecialists.com/assets/index.db0e370f.js	1.8 MB	2023-03-29	2023-03-29
Pretty URL taxrebatespecialists.com/assets/index.db0e370f.js IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash f7d53d89ef170dbad7e5c42311a6a75a e7e4b58393a52db482797333f9a5bc06d5bd54ed 9ab3d15804cfa7fa5b9db338a00dd4c88c9c402dc4170efdb44829fbaf24ae65 Loading...

	unknown	0 B	2023-03-07	2024-04-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-20 03:32:35 Times Seen36969335 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	13 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 216.58.207.234 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-19 19:08:39 Times Seen22315 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	taxrebatespecialists.com/q7xclgti/ercapp	123 B	2023-03-29	2023-03-29
Pretty URL taxrebatespecialists.com/q7xclgti/ercapp IP 159.203.118.151 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash 1931c84d79d9f4e72846f6e2b4ea2ac0 e4bbe8710c65da5c9193df0d3a8c6496e0528a2f 2650884f9cf42a0b56e8e5a6b496b968add1dc486839573b67f77b0ce1587070 Loading...

		Size	First Seen	Last Seen
	#1 Write - ef4484cf5bc3b75d89f6a0639b5ac224	80 B	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 23:49:09 Last Seen2023-03-29 23:49:09 Times Seen1 Hash ef4484cf5bc3b75d89f6a0639b5ac224 7224776a413670e433339bfcc667649bb8ae9862 047f469717e5e7b039821e71eb24f398b7ab197ed365dfa51209c04587c343f2 Loading...

HTTP Transactions (65)

URL IP Response Size

claimyourcovidtaxrebate.com/

3.33.152.147

301 Moved Permanently

83 B

URL HTTP/1.1
claimyourcovidtaxrebate.com/
IP
3.33.152.147:0
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text
Size
83 B (83 bytes)
Hash
4287abcd43a8b15cfa746890c860a78e
d986193887ee833099ddbd006b3c7e7a0ca1d733
0b63993cbc0e12618bf5b32b26c633ebaebd68f068263c291b698c8532a3c997

Detections

NIDS	Severity	Alert
suricata	medium	ET HUNTING Suspicious GET Request with Possible COVID-19 Domain M1

HTTP Headers

GET / HTTP/1.1
Host: claimyourcovidtaxrebate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Wed, 29 Mar 2023 11:23:10 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 83
Connection: keep-alive
Location: https://taxrebatespecialists.com/q7xclgti/ercapp
Server: ip-100-74-3-20.eu-west-2.compute.internal
X-Request-Id: ec2750fb-0f47-4962-baed-3921018cee73

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7273
Expires: Wed, 29 Mar 2023 13:24:23 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2976
Expires: Wed, 29 Mar 2023 12:12:46 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
7f03faaba3392caae6dae54467bfdf6d
57ea1f14e8bfbcca8190c706d708c9fda12442c1
02ac551ba61fcbc6b04f244df065948b181a8a258db5c2e197aae66fdfcea8ee

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Length, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 10:28:09 GMT
content-type: application/json
age: 3301
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Wed, 29 Mar 2023 12:10:48 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: p1C2gR/LO0wavNS8icmZ5EXJuOPOCfDt2SnZzo35IpbhGyrDyv7q6CCrkls3lNc5HApKIIJyrN4iRoXjtrNyFA==
x-amz-request-id: H7Y3TMT9VTYK04K6
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 11:02:28 GMT
age: 1242
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 11:23:10 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a740252e7b24892a3e34f6dfed6e3bde
d44d21abb95edd1ccc775632254f11ee94fb585e
e289995a2b4b340364dd7dfa32c79c7722ece6cc4b893b38fc68bbce680d2f94

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E289995A2B4B340364DD7DFA32C79C7722ECE6CC4B893B38FC68BBCE680D2F94"
Last-Modified: Mon, 27 Mar 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12995
Expires: Wed, 29 Mar 2023 14:59:45 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4744c449aaa7c8882cc3caf056b3afcc
e699706783c170da43e788a7ff93d1cc3675ba66
37f1a26b4446e6676d6f4e441ed4453ef63d3ed898d4500f028190856694a9f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "37F1A26B4446E6676D6F4E441ED4453EF63D3ED898D4500F028190856694A9F9"
Last-Modified: Mon, 27 Mar 2023 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21574
Expires: Wed, 29 Mar 2023 17:22:44 GMT
Date: Wed, 29 Mar 2023 11:23:10 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Pragma, Last-Modified, Retry-After, Expires, Cache-Control, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 11:17:26 GMT
age: 344
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JT5ZAN6ARx1M07J9CBNj7Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IT777tlvVBQDEW+VAvrjhGs2tag=
Date: Wed, 29 Mar 2023 11:23:10 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

taxrebatespecialists.com/q7xclgti/ercapp

159.203.118.151

200 OK

7.0 kB

URL HTTP/1.1
taxrebatespecialists.com/q7xclgti/ercapp
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
7.0 kB (6955 bytes)
Hash
d00a70fc75634bc3b55306805b6fb90a
42ae5c5eb361dfa2b5de6518a097af36ac3d178d
5824835a9f1d4877c06de76628006818d208928ceed6a825a5014559099dcd99

HTTP Headers

GET /q7xclgti/ercapp HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:10 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "91c7-5f6de9845c4ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 6955
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css

69.16.175.10

200 OK

8.4 kB

URL HTTP/2
code.jquery.com/ui/1.13.2/themes/base/jquery-ui.css
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text, with very long lines (2363)
Size
8.4 kB (8356 bytes)
Hash
b0be9c684e7f2e9f5a7d13bb686fd5b3
d19c38a845691a804999059627fcc95b65469453
eaf5b79416cb6424a589dfcffdf9cac1c0ea065b77b477186a408165a9ff6dbf

HTTP Headers

GET /ui/1.13.2/themes/base/jquery-ui.css HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-encoding: gzip
content-length: 8356
content-type: text/css
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-8d03"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680088991.dop218.sk1.t,1680088991.cds262.sk1.hn,1680088991.cds225.sk1.c
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css

104.17.25.14

200 OK

17 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.2/css/all.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65317)
Size
17 kB (17188 bytes)
Hash
9148604f45c79d0647780dcde7080ed2
cee3c969d936e06019ab44a9eebd549b9e25c0af
332fb8271e3e531a2064f4638d531a1b6c7aab5c4496d62edb753dac0fcb2c4c

HTTP Headers

GET /ajax/libs/font-awesome/6.1.2/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-type: text/css; charset=utf-8
content-length: 17188
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "62deef96-4324"
last-modified: Mon, 25 Jul 2022 19:31:34 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 18802234
expires: Mon, 18 Mar 2024 11:23:11 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UI2SNESPWR3p8ZED8nMZGwjw1HbN%2BWWkB2c0sDYD6QFDBdCUjsGXTRD%2Ba%2FrT6QnQXZPdYqqSGuYCLZgERYJfngjkKYTkIERyNFRe9A5rEP3vmOCMvVaANhusCQeds69y%2BOfcWGi%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7af7bd424a9bb521-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.js

69.16.175.10

200 OK

85 kB

URL HTTP/2
code.jquery.com/jquery-3.6.0.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type
ASCII text
Size
85 kB (84714 bytes)
Hash
416559bad4fc1149eba631e644a23a6e
20f8f18f94c74dbc1bde934719cbfa87d51828cf
37508a443be057a2fab1c4eee8d03632f406eaed15d09a26ac8dabe7877616e2

HTTP Headers

GET /jquery-3.6.0.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-encoding: gzip
content-length: 84714
content-type: application/javascript; charset=utf-8
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-46744"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680088991.dop218.sk1.t,1680088991.cds262.sk1.hn,1680088991.cds214.sk1.c
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

taxrebatespecialists.com/js/client.js

159.203.118.151

200 OK

368 B

URL HTTP/1.1
taxrebatespecialists.com/js/client.js
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
368 B (368 bytes)
Hash
2e37e405fc54622540d4e02ce314ffef
1c46cc31eefe86f3861358fa20ee674277a42145
494208bd1ae432717dd19ecc1aa30aac834878d29475bb5decdc367b2c2d79a8

HTTP Headers

GET /js/client.js HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "251-5f6de9845c4ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 368
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

216.58.207.234

200 OK

5.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
216.58.207.234:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 19:08:57 GMT
expires: Sat, 23 Mar 2024 19:08:57 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 404054
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bfa3fc96de14a80af0187a7c3ee285d4
e60c9b3124ec2a611286af0b777319cf10230c1b
ccdfe9029ede4a2535fb88ed1d74b419cf65a63b204e7d28f215722c6fdd160b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

taxrebatespecialists.com/css/uploadfile.css

159.203.118.151

200 OK

1.2 kB

URL HTTP/1.1
taxrebatespecialists.com/css/uploadfile.css
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
assembler source, ASCII text
Size
1.2 kB (1183 bytes)
Hash
8a23dd0b8c0b01d33619767524fca4be
03fd56a1a990a012912514b63f7af2c154978f58
f18c4f9c810018ac403eefcf012024c4bca00f206a4540963671e986db2069b1

HTTP Headers

GET /css/uploadfile.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "11b7-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 1183
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

taxrebatespecialists.com/js/jquery.uploadfile.min.js

159.203.118.151

200 OK

6.1 kB

URL HTTP/1.1
taxrebatespecialists.com/js/jquery.uploadfile.min.js
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
6.1 kB (6080 bytes)
Hash
771296b03049754d422dcb7f45cc8c75
0e67387fadd4f48cf494d39a764cbf3059e48f88
73dfe039437ff0d5cde566b0de95b44cd46ea22a92dffbbb9aed6b2f6c9b47a8

HTTP Headers

GET /js/jquery.uploadfile.min.js HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "6cd8-5f6de9845c4ab-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 6080
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

taxrebatespecialists.com/css/normalize.css

159.203.118.151

200 OK

2.7 kB

URL HTTP/1.1
taxrebatespecialists.com/css/normalize.css
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
2.7 kB (2664 bytes)
Hash
9333bec2f7e3e283ab0e4a6f0f71445b
5e8d8f7283bdc12af3d35af7cba44e81b1e7be4d
f9c6ed14b3b081702ae90d64a5f50a99b7c84bd9bb0534c5bff15ba07a837783

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1e5c-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 2664
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

malsup.github.io/jquery.form.js?_=1680089014103

185.199.110.153

200 OK

12 kB

URL HTTP/2
malsup.github.io/jquery.form.js?_=1680089014103
IP
185.199.110.153:0
ASN
#54113 FASTLY

File type
ASCII text
Size
12 kB (12365 bytes)
Hash
66e988165ab37a3b60f0928f40bd67da
8eaadb4a1f891ab5c6249c474340ca8024abc300
ba3122f330907b024e53d381793013aae1a98fe82bf758610450eae958c52995

HTTP Headers

GET /jquery.form.js?_=1680089014103 HTTP/1.1
Host: malsup.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Sun, 03 May 2015 16:16:14 GMT
access-control-allow-origin: *
etag: W/"554649ce-ab74"
expires: Mon, 13 Mar 2023 22:38:25 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 2144:6CDA:2064770:21B6A48:640FA948
accept-ranges: bytes
date: Wed, 29 Mar 2023 11:23:11 GMT
via: 1.1 varnish
age: 162
x-served-by: cache-bma1654-BMA
x-cache: HIT
x-cache-hits: 4
x-timer: S1680088991.459984,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 7b77ed62aced2d47e28079a55c4461231e48b3a3
content-length: 12365
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

taxrebatespecialists.com/assets/index.31360fc2.css

159.203.118.151

200 OK

2.1 kB

URL HTTP/1.1
taxrebatespecialists.com/assets/index.31360fc2.css
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (8670)
Size
2.1 kB (2079 bytes)
Hash
2b061d3dab0bd28d9fddf6c3fef7124b
2be35548be35144e679edd42113bd5be84ab5e13
5e8c7deb2df769d1198ed50a9cc6f2fccd2e34f1328897d9625dea89db81bc4b

HTTP Headers

GET /assets/index.31360fc2.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "21df-5f6de9845574a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 2079
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2

216.58.207.227

200 OK

34 kB

URL HTTP/2
fonts.gstatic.com/s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 33868, version 1.0\012- data
Size
34 kB (33868 bytes)
Hash
a55fefd02b25a2cb141efe2d17776d60
ba132269410be55bbd81032011d5904ceb33bc64
e5b4655e2fac9e5887dfc63e54a5ea312f8779ad2a4316765a690c5177ef1acc

HTTP Headers

GET /s/rubik/v26/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33868
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:46 GMT
expires: Sat, 23 Mar 2024 10:26:46 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 08 Mar 2023 21:37:56 GMT
content-type: font/woff2
age: 435385
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

taxrebatespecialists.com/css/trs-style.css

159.203.118.151

200 OK

19 kB

URL HTTP/1.1
taxrebatespecialists.com/css/trs-style.css
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
Unicode text, UTF-8 text, with very long lines (2567)
Size
19 kB (19192 bytes)
Hash
3bf139a02509744ba4e9f48d7e1fcebf
258601323bcfbf169f9ecbe929bb7806134ae7be
480794091f54b20bb32fd0fd4d47e8e773daa8ed2bd63b32c49b44cb2e3bf9e5

HTTP Headers

GET /css/trs-style.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1ee56-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 19192
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
e74baca1ac97b7e56ede5d3c6275b0b6
42d00f7402dff5c40a733d0b13d0bf97f779d072
d270ad25df7752707d30a41ddd2aef306c10d0396baccaa25ffd98fb148acaf8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 11:23:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

taxrebatespecialists.com/css/affiliates.css

159.203.118.151

200 OK

1.5 kB

URL HTTP/1.1
taxrebatespecialists.com/css/affiliates.css
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
1.5 kB (1537 bytes)
Hash
bc0df6c3747dcb37cd2b980fecb1aeb7
efba17e6ef2a38d897efe49503d38d19f67c344e
a39766d42501650cf910b9b89464a05c292373f6ef159beb1307e04075902f8e

HTTP Headers

GET /css/affiliates.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1284-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 1537
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

taxrebatespecialists.com/css/style.min.css

159.203.118.151

200 OK

12 kB

URL HTTP/1.1
taxrebatespecialists.com/css/style.min.css
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (43771)
Size
12 kB (11682 bytes)
Hash
83cd92e15912583b5fa6ba2598e4872e
a1d189aafcbbfbafc97521f406d1981ce32bae11
ef4c4f345f7a1650d1b9b04d78742eb0bf5099e4039b5e766fac3cc322300ce4

HTTP Headers

GET /css/style.min.css HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "15b2d-5f6de984566ea-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 11682
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2327
Expires: Wed, 29 Mar 2023 12:01:59 GMT
Date: Wed, 29 Mar 2023 11:23:12 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9781 bytes)
Hash
b6bd3d6c290e2be5effe451fddc92288
456c678dd0b64d84021c41383a534afeaa4d7af0
3d645c8b903b9f5593d068feb00b1c04cf8444ed78a292458e69d5c553cb1691

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf3e4f0a-faba-451d-ad59-1fb691753e14.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9781
x-amzn-requestid: 9a919196-e536-4ef7-a2b2-9637aa75abff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Ceq6FGAJIAMF7Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64228b73-769c33f459c985ab427ed47b;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 06:38:43 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: EFPuF3xknmH1frUX8bIJXNMjLoHEk_0V9Jd5sNxj16MR5cun53Xe1A==
via: 1.1 1cbc126937aab64e42a05f9bf2f8daee.cloudfront.net (CloudFront), 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:30:02 GMT
age: 46390
etag: "456c678dd0b64d84021c41383a534afeaa4d7af0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6049 bytes)
Hash
253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXiCIy2ZqOyLvougeQikdsmaIJ9BfMPpOO4oU-3nEGY33FQGCm0ZoQ==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:44:35 GMT
age: 49117
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8745 bytes)
Hash
ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:37:00 GMT
age: 49572
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7605 bytes)
Hash
fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: npXnMYBUM1bcf7FQIJEHng73EkILWwM0Jvey0QDUvmln0kAJUG_Rpw==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:43:57 GMT
age: 49155
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9859 bytes)
Hash
da174e6ccc9451c5071ba10eeb97f6f6
c38827a9ac1218768839877263e1f2984fbdc454
76da406c8ae8cd6ca8471928f3aec3876aed2c21bc10edc0fbdaef5c100c1030

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff94a70cc-7556-4fae-8603-14d3b253f74c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9859
x-amzn-requestid: 7571f483-0d57-4f3f-9d86-2f18175cc0b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CRP5DG2BoAMFrdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641d2d06-400180d700df598366b8b16f;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 04:54:30 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 8LzPrLvhUnXntYPNCg_QN2LFUvQ-4FL4SMyYBxPOwlGd1sgL3j-Znw==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 23:09:21 GMT
age: 44031
etag: "c38827a9ac1218768839877263e1f2984fbdc454"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9886 bytes)
Hash
9ab378a6531b886829e1762f72866500
9509f3e388d0f2627468b5ff8afd408eb19297a4
9535702379130bbc5e3439b2c226d3d8c51c6ee07690e64cbccf71e49085615c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff8819ddc-015a-4da7-bf88-9a5f6fac4462.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9886
x-amzn-requestid: efa3e368-7941-467c-a4d7-f303b50a32a6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CK848FbOoAMFnXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641aa838-5357cad3565e7b230505442f;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 07:03:20 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UjD8avDwm-zEFik18U34bWU06SOeb-fBjelZcoGyzcie0Z1CAj6JUQ==
via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 18:08:57 GMT
age: 62055
etag: "9509f3e388d0f2627468b5ff8afd408eb19297a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

taxrebatespecialists.com/assets/index.db0e370f.js

159.203.118.151

200 OK

495 kB

URL HTTP/1.1
taxrebatespecialists.com/assets/index.db0e370f.js
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (40327)
Size
495 kB (494909 bytes)
Hash
ee0cea4d0939e7e0cef0135d1a201810
239b1e9edfa12cc556fb05f8aec19176d49381a1
00e8a24840e51f1a74bfdb859f86eb8f0146d56d28448a4c88e0a95268383725

HTTP Headers

GET /assets/index.db0e370f.js HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "1bf425-5f6de9845574a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

taxrebatespecialists.com/images/favicon.png

159.203.118.151

200 OK

1.8 kB

URL HTTP/1.1
taxrebatespecialists.com/images/favicon.png
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1769 bytes)
Hash
4462beb3ed28278477196560ebedcb06
5dbbb24229356dc3ddf976ac9f1ee0eb5b47d09f
32bf44c10c8eba684c56dd6a53da12132b97b1b738188e8d2c0642ca96ab005e

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "6e9-5f6de9845862a"
Accept-Ranges: bytes
Content-Length: 1769
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

taxrebatespecialists.com/images/webclip.png

159.203.118.151

200 OK

16 kB

URL HTTP/1.1
taxrebatespecialists.com/images/webclip.png
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
16 kB (15816 bytes)
Hash
04efb847d19b12d1994c3ab57763a2d9
8fd515afaef6de054a847772c3ca1d20231749c5
82f3caf2ab203c54b1ed838c7c2c60e2bfa6c43c19e1a7d2d8fef0c15c101fb9

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:13 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "3dc8-5f6de9845c4ab"
Accept-Ranges: bytes
Content-Length: 15816
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5647319f227feadab31954abce5a72a
aae914e77b3d7a0425df6cfe3cb36bc1677bfaff
c085064d49062f8c45173291ebcb6d22642d8575efb60487884a8227fe8e2e0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085064D49062F8C45173291EBCB6D22642D8575EFB60487884A8227FE8E2E0E"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21570
Expires: Wed, 29 Mar 2023 17:22:44 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5647319f227feadab31954abce5a72a
aae914e77b3d7a0425df6cfe3cb36bc1677bfaff
c085064d49062f8c45173291ebcb6d22642d8575efb60487884a8227fe8e2e0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085064D49062F8C45173291EBCB6D22642D8575EFB60487884A8227FE8E2E0E"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Wed, 29 Mar 2023 17:23:14 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5647319f227feadab31954abce5a72a
aae914e77b3d7a0425df6cfe3cb36bc1677bfaff
c085064d49062f8c45173291ebcb6d22642d8575efb60487884a8227fe8e2e0e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085064D49062F8C45173291EBCB6D22642D8575EFB60487884A8227FE8E2E0E"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21576
Expires: Wed, 29 Mar 2023 17:22:50 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8116afdb349fdc7a97bb3ba2eddc07e1
aef4fe946d942e86a79337f4a74a7a8675417648
417a26537989029794c00a3419cb1382a72e920fff419c0c26a3eb55baa5dcdb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "417A26537989029794C00A3419CB1382A72E920FFF419C0C26A3EB55BAA5DCDB"
Last-Modified: Mon, 27 Mar 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21564
Expires: Wed, 29 Mar 2023 17:22:38 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive

apiv2.taxrebatespecialists.com/applications/affiliatevalidator

159.203.118.151

204 No Content

0 B

URL HTTP/1.1
apiv2.taxrebatespecialists.com/applications/affiliatevalidator
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /applications/affiliatevalidator HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: authorization,content-type
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

apiv2.taxrebatespecialists.com/customizer/1

159.203.118.151

204 No Content

0 B

URL HTTP/1.1
apiv2.taxrebatespecialists.com/customizer/1
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /customizer/1 HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 204 No Content
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: authorization
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6832c9d3acf00d1b8b0c0fbdc39e653d
b70716cf3b7ec049f1032036c518577abe21b4be
bb95d272fb10f75c78ed1b8eb63fadbac5c81909c00116a4638054c9869cca91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB95D272FB10F75C78ED1B8EB63FADBAC5C81909C00116A4638054C9869CCA91"
Last-Modified: Wed, 29 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21537
Expires: Wed, 29 Mar 2023 17:22:11 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive

apiv2.taxrebatespecialists.com/customizer/1

159.203.118.151

200 OK

128 B

URL HTTP/1.1
apiv2.taxrebatespecialists.com/customizer/1
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with no line terminators
Size
128 B (128 bytes)
Hash
4acba228bae90b6a2c68d821286f89ad
856d3aba2fa674986f523c692fc740b595b89e21
0e0e016774b305215aded8dba23263f95386e492caa4eae72d54f66bbb6ac6e7

HTTP Headers

GET /customizer/1 HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.sa1ZMaEWAHUoTTT8fCB7ciTFViC9koZqc10TlwzRxpk
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Content-Length: 128
ETag: W/"80-hW06ui+mdJhvUjxpL8dAtZW4niE"
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

apiv2.taxrebatespecialists.com/applications/affiliatevalidator

159.203.118.151

200 OK

51 B

URL HTTP/1.1
apiv2.taxrebatespecialists.com/applications/affiliatevalidator
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
JSON data\012- , ASCII text, with no line terminators
Size
51 B (51 bytes)
Hash
86629378786e9971e9292fef17d23d4f
a5c53909c3d17239efaab68dd863fa9fb7825572
21e16128eceecbbaa0f518dd374988977f362998d92d565b9f60ade4dddfe51a

HTTP Headers

POST /applications/affiliatevalidator HTTP/1.1
Host: apiv2.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Content-Type: application/json
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.e30.sa1ZMaEWAHUoTTT8fCB7ciTFViC9koZqc10TlwzRxpk
Content-Length: 24
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: application/json; charset=utf-8
Content-Length: 51
ETag: W/"33-pcU5CcPRcjnvqraN2GP6n7eCVXI"
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive

api.taxrebatespecialists.com/activity.php

159.203.118.151

200 OK

0 B

URL HTTP/1.1
api.taxrebatespecialists.com/activity.php
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /activity.php HTTP/1.1
Host: api.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6832c9d3acf00d1b8b0c0fbdc39e653d
b70716cf3b7ec049f1032036c518577abe21b4be
bb95d272fb10f75c78ed1b8eb63fadbac5c81909c00116a4638054c9869cca91

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BB95D272FB10F75C78ED1B8EB63FADBAC5C81909C00116A4638054C9869CCA91"
Last-Modified: Wed, 29 Mar 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21546
Expires: Wed, 29 Mar 2023 17:22:20 GMT
Date: Wed, 29 Mar 2023 11:23:14 GMT
Connection: keep-alive

api.taxrebatespecialists.com/activity.php

159.203.118.151

200 OK

0 B

URL HTTP/1.1
api.taxrebatespecialists.com/activity.php
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /activity.php HTTP/1.1
Host: api.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Content-Type: application/json
Content-Length: 63
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

api.taxrebatespecialists.com/retrieveprequal.php?affiliate=q7xclgti

159.203.118.151

200 OK

0 B

URL HTTP/1.1
api.taxrebatespecialists.com/retrieveprequal.php?affiliate=q7xclgti
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /retrieveprequal.php?affiliate=q7xclgti HTTP/1.1
Host: api.taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Origin: https://taxrebatespecialists.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

taxrebatespecialists.com/images/TRS-Logo-White-Horizontal.svg

159.203.118.151

200 OK

16 kB

URL HTTP/1.1
taxrebatespecialists.com/images/TRS-Logo-White-Horizontal.svg
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
16 kB (16097 bytes)
Hash
7268912ac892560ddd0ca60287387870
4c3bdd86ddd16a9f6ce3d4e601afb1caf56fcfce
9e295bddc8df7e5945e15483cc4fe86fa65d4ca5dc98b9e5bf0524b0ecc35b11

HTTP Headers

GET /images/TRS-Logo-White-Horizontal.svg HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Tue, 14 Mar 2023 16:19:41 GMT
ETag: "3ee1-5f6de9845768a"
Accept-Ranges: bytes
Content-Length: 16097
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

taxrebatespecialists.com/images/trs-logo-color.svg

159.203.118.151

200 OK

15 kB

URL HTTP/1.1
taxrebatespecialists.com/images/trs-logo-color.svg
IP
159.203.118.151:0
ASN
#14061 DIGITALOCEAN-ASN

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
15 kB (15244 bytes)
Hash
6b9dc6294834f7f3cb98a6384bd588ed
9d9c3de4fc40d96f5ad012581144661c381c25d1
370de1af96c412f446d18d8ac1c6480990313c9d49997af8ccc9a701dad1bb3a

HTTP Headers

GET /images/trs-logo-color.svg HTTP/1.1
Host: taxrebatespecialists.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Wed, 29 Mar 2023 11:23:14 GMT
Server: Apache/2.4.41 (Ubuntu)
Last-Modified: Thu, 29 Dec 2022 01:00:08 GMT
ETag: "3b8c-5f0ed01a24575"
Accept-Ranges: bytes
Content-Length: 15244
X-Content-Type-Options: nosniff
X-Frame-Options: deny
Referrer-Policy: origin
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

code.jquery.com/ui/1.13.2/jquery-ui.js

69.16.175.10

200 OK

0 B

URL HTTP/2
code.jquery.com/ui/1.13.2/jquery-ui.js
IP
69.16.175.10:0
ASN
#20446 STACKPATH-CDN

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ui/1.13.2/jquery-ui.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://taxrebatespecialists.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 11:23:11 GMT
content-encoding: gzip
content-length: 126267
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
accept-ranges: bytes
server: nginx
etag: W/"28feccc0-81307"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1680088991.dop218.sk1.t,1680088991.cds262.sk1.hn,1680088991.cds214.sk1.c
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML