Overview

URL www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq
IP 107.161.23.11 (United States)
ASN #3842 RAMNODE
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access lock_open
Report completed 2022-11-28 17:58:06 UTC
IDS alerts 0
Blocklist alert 5
urlquery alerts 62
Phishing - Wells Fargo
Tags None

Domain Summary (9)

Fully Qualifying Domain Name Rank First Seen Last Seen Sent bytes Received bytes IP Comment
ocsp.digicert.com (4) 86 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1364 3150 93.184.220.29
content-signature-2.cdn.mozilla.net (1) 1152 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 413 5843 34.160.144.191
firefox.settings.services.mozilla.com (2) 867 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 782 2374 34.102.187.140
www.americantaxcredit.co (70) 0 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 45270 740465 107.161.23.11
contile.services.mozilla.com (1) 1114 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 333 229 34.117.237.239
www.wellsfargo.com (2) 10586 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 863 1809 23.36.79.33
push.services.mozilla.com (1) 2140 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 606 127 34.208.31.97
img-getpocket.cdn.mozilla.net (6) 1631 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 3246 55751 34.120.237.76
r3.o.lencr.org (5) 344 0001-01-01T00:00:00Z 0001-01-01T00:00:00Z 1690 4430 23.36.77.32

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-28 medium www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p (...) Phishing
2022-11-28 medium www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p (...) Phishing
2022-11-28 medium www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p (...) Phishing
2022-11-28 medium www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p (...) Phishing
2022-11-28 medium www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 107.161.23.11
Date UQ / IDS / BL URL IP
2023-05-18 08:37:41 UTC 0 - 0 - 3 curl.dog/ 107.161.23.11
2023-04-04 13:18:14 UTC 0 - 0 - 2 mail.godelivery.my.id/~medscrip/bjauosflfa.dz (...) 107.161.23.11
2023-03-29 13:25:16 UTC 0 - 0 - 2 inafastener-exhibition.net/~medscrip/bjauosfl (...) 107.161.23.11
2023-03-01 18:02:48 UTC 0 - 0 - 3 washathome.co/poral/ 107.161.23.11
2023-02-07 00:55:56 UTC 0 - 0 - 6 tqgrn0dlmyg3u.nhg3pjzy482m.qg1z9f707614m6a1k. (...) 107.161.23.11


Last 5 reports on ASN: RAMNODE
Date UQ / IDS / BL URL IP
2023-06-06 14:29:45 UTC 0 - 1 - 0 www.hootech.com/NetMeter/NetMeterSetup.exe 107.191.125.184
2023-06-06 13:26:04 UTC 0 - 0 - 124 restaurant-lavie.de/uta/?0750931 107.161.23.61
2023-06-06 05:25:21 UTC 0 - 0 - 2 168.235.89.132/ 168.235.89.132
2023-06-05 08:57:59 UTC 0 - 1 - 0 givemeyarn.com/n/13555692/%D8%A7%D9%86%D8%AA+ (...) 107.161.23.204
2023-06-04 06:31:56 UTC 0 - 1 - 0 givemeyarn.com/n/15701534/L2-Alive.rar.exe 107.161.23.204


Last 5 reports on domain: americantaxcredit.co
Date UQ / IDS / BL URL IP
2022-11-29 04:38:12 UTC 0 - 0 - 15 www.americantaxcredit.co/~medscrip/bjauosflfa (...) 107.161.23.11
2022-11-29 04:37:52 UTC 0 - 0 - 15 www.americantaxcredit.co/~medscrip/bjauosflfa (...) 107.161.23.11
2022-11-29 04:37:33 UTC 0 - 0 - 15 www.americantaxcredit.co/~medscrip/bjauosflfa (...) 107.161.23.11
2022-11-29 01:51:40 UTC 0 - 0 - 15 www.americantaxcredit.co/~medscrip/bjauosflfa (...) 107.161.23.11
2022-11-29 01:51:13 UTC 0 - 0 - 15 www.americantaxcredit.co/~medscrip/bjauosflfa (...) 107.161.23.11


Last 1 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-11-28 17:58:02 UTC 61 - 0 - 4 www.americantaxcredit.co/~medscrip/bjauosflfa (...) 107.161.23.11

JavaScript

Executed Scripts (7)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (92)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3974
Expires: Mon, 28 Nov 2022 19:04:06 GMT
Date: Mon, 28 Nov 2022 17:57:52 GMT
Connection: keep-alive

                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             107.161.23.11
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Mon, 28 Nov 2022 17:57:52 GMT
server: LiteSpeed
location: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

urlquery:
  - Phishing - Wells Fargo
Blocklists:
  - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6174
Expires: Mon, 28 Nov 2022 19:40:46 GMT
Date: Mon, 28 Nov 2022 17:57:52 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4295
Cache-Control: max-age=150304
Date: Mon, 28 Nov 2022 17:57:52 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:42:56 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                            
x-amz-id-2: 4mVS3SN/SpYV8yH2lSqsWoTLaE1PkTEsQ8B6rmsVD0bbwdcZWBZHQUyiIEXVe7Acpoy1C3t0oq8=
x-amz-request-id: Q2Y27GVVTWG28KFH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 17:45:07 GMT
age: 765
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 17:17:48 GMT
cache-control: public,max-age=3600
age: 2404
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/ HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 12553
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 28 Nov 2022 17:57:52 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (745)
Size:   12553
Md5:    551bfbeb03aff04c4348bb0eb5db6509
Sha1:   ac7bb78f6b228e8bbfe4035d8da23f591f84ae69
Sha256: 3bf0dafbd2ab54a0be3e0ced290a0eddc946d12dbdfea54ce5b15d0270fa3d94

Blocklists:
  - fortinet: Phishing
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                            
server: nginx
date: Mon, 28 Nov 2022 17:57:52 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: text/css
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12348
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text
Size:   12348
Md5:    eb0fd640862a811714f839da807b42c8
Sha1:   58ed0dbc073f51b4cc5ea6ff13dc63f5fc285613
Sha256: 49da2a504647faed72b2d37df938858513f3adb7bd1c8d1725483d617f2422c8
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/jquery.js HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: application/javascript
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 48954
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text
Size:   48954
Md5:    14d63370852be37636ba7d23b97f816f
Sha1:   c7f48b93520f79b70abfd75c8468ed57181034ee
Sha256: 81d27b25147b3b8ae9e0a3b066ff5eb1d493f4f4f5cce7dec344c10f6da805d9

Blocklists:
  - fortinet: Phishing
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wf-logo.gif HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/gif
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 3718
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  GIF image data, version 89a, 62 x 62\012- data
Size:   3718
Md5:    d69ff1deb41d9c7593fcfdc0a6b395e2
Sha1:   4ea1efb99d83f3e9fc66d5f8141c4a9aab8a730f
Sha256: edc5ee3b590dae17b0eb19063c34680c15ee144d13583d006e6a7976b69cd2db

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/home.js HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: application/javascript
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 32057
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  ASCII text, with very long lines (325)
Size:   32057
Md5:    453bf39287925688149f2c9c07fd5c35
Sha1:   524d3667509486d4ce95440fbaa944591c45a0e3
Sha256: 45709f53d6b4b063b299772316698c7b938215f7973bc01b4c431a1df35375a2

Blocklists:
  - fortinet: Phishing
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-lock-sm.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 1339
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 13 x 14, 8-bit colormap, non-interlaced\012- data
Size:   1339
Md5:    4f627420d188bbad8a77d9e50b01bb0f
Sha1:   42524d238a9e6b5c77bdc2e821d12540d4b8f8f5
Sha256: a3c8f8c02df75338ec87757a65950f9152c56c4e34eb5f494f7e0c14cedfee95

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_signon_bg.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 2794
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 226 x 169, 8-bit/color RGBA, non-interlaced\012- data
Size:   2794
Md5:    ebae38552c16033c7783d5ac3c5eae00
Sha1:   3b5fd156bf8e89ffdc34456635e15913868ad919
Sha256: 15f93d64144d386c80082dd9f918e1f57878e15298954c250a463bb2e29a524b

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/btn-icon-search.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 1295
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size:   1295
Md5:    9c4a13d12ae2cc124ac6600269afc485
Sha1:   5756dd6b6165af1bcfca526fccbaf6d980976bfd
Sha256: da38fd7d6d2e1425dc8fecba13e64cd220d4f34d7c7d3ae76f9916d3b489b5d2

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_lock_icon2.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 301
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   301
Md5:    21eb546bd68969ea11086646e669d2b8
Sha1:   d553d8898af232bd0f23d21dc28b0849a67981b7
Sha256: 6f7fce83ca635384c825bc342dbfff2d929a0db91173dbff9e808397a2f2a787

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
                                             34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                            
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 17:08:55 GMT
cache-control: public,max-age=3600
age: 2938
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon-shadow.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 238
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 3 x 36, 8-bit/color RGBA, non-interlaced\012- data
Size:   238
Md5:    80f06d6fe9d94714808a03acab734938
Sha1:   6d373046e99dc04e8d6405db20ee0f9290e0657e
Sha256: 3d4985981327dd5410104feb4cf4fb91538f0fa406a676e44a78210b5dc9ce8b

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 3002
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 164 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size:   3002
Md5:    0064dc0e3cfb1d505b699825648bdbe5
Sha1:   cf53dc992d5d136bdddd7ed48fc13b1af5f03feb
Sha256: 461203b0b61c506410e8648871d59620da6f36d914a081577a1a6d01b7328baa

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-footer.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 1411
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 9x60, components 3\012- data
Size:   1411
Md5:    de2b416f3f351aae7b9750fe5c0bafba
Sha1:   c168aa6e6b3232fb54658e8f03698a136c204f9f
Sha256: 1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_af_bg.gif HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/gif
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 1213
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 58\012- data
Size:   1213
Md5:    7b822f00c50f16fb36e926d9da1af789
Sha1:   18857d045970500cfe342e4deb1062b780e1a02c
Sha256: df8002dd64de942cafd7f03bb00d3989f945e0a14a25231ff048654b66076584

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/arrow-right-gray.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 1036
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 8 x 7, 8-bit/color RGBA, non-interlaced\012- data
Size:   1036
Md5:    be505af34d87e1972b34b80aa1514877
Sha1:   a3ddb49f2bb237cdbdb0aa99811bc74029b1ad29
Sha256: df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d

urlquery:
  - Phishing - Wells Fargo
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 4651
Cache-Control: max-age=140220
Date: Mon, 28 Nov 2022 17:57:53 GMT
Etag: "63846532-1d7"
Expires: Wed, 30 Nov 2022 08:54:53 GMT
Last-Modified: Mon, 28 Nov 2022 07:37:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /assets/images/global/chevron-large-left-grey.png HTTP/1.1 
Host: www.wellsfargo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.americantaxcredit.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             23.36.79.33
HTTP/1.1 200 OK
Content-Type: image/png
                                            
Content-Length: 249
Last-Modified: Fri, 24 May 2013 20:07:44 GMT
ETag: "519fc890-f9"
Expires: Sun, 09 Apr 2023 12:04:19 GMT
Cache-Control: max-age=15552000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Date: Mon, 28 Nov 2022 17:57:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nq1te+3monO6oUykp+rrBQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure


--- Additional Info ---
Magic:  PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   249
Md5:    19cbd1a0375fe73721c9457a62daeab5
Sha1:   219e75260a18cb504000a1150a4d786a9404f5a8
Sha256: b7b4da4a2d23cfed6cf949e002d1b0ae50131842ae8fe953be76bf75cd9ab792
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia605_bn_b8172_0480_970x260.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 52224
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 970x260, components 3\012- data
Size:   52224
Md5:    bdf3a9dc321722874c456e16ba7e0d07
Sha1:   1fa56defaff765c7e0308fa8791c569ff4fee681
Sha256: a1ded3e26ba27d15cc2bab60253e986e9f9158f295c63a5e324a73060ba48e6f

urlquery:
  - Phishing - Wells Fargo
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 3723
Cache-Control: 'max-age=158059'
Date: Mon, 28 Nov 2022 17:57:53 GMT
Etag: "63846532-1d7"
Last-Modified: Mon, 28 Nov 2022 16:55:50 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /assets/images/global/chevron-large-right-grey.png HTTP/1.1 
Host: www.wellsfargo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.americantaxcredit.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        
                                             23.36.79.33
HTTP/1.1 200 OK
Content-Type: image/png
                                            
Content-Length: 259
Last-Modified: Fri, 24 May 2013 20:07:46 GMT
ETag: "519fc892-103"
Expires: Sun, 09 Apr 2023 08:03:40 GMT
Cache-Control: max-age=15552000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Date: Mon, 28 Nov 2022 17:57:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=X4mxlrXlFWYN0rWVmWPUbA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure


--- Additional Info ---
Magic:  PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   259
Md5:    081fae7218ce29edcb76158a0d0211f5
Sha1:   26eafbb627087e18e8f01a838f6d493b76cfa4e0
Sha256: 429a57520c174b1d7527c72849aa58157e4dd589e83ab55f93c91a63c528823d
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chevron-right-blue.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 1020
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 6 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size:   1020
Md5:    d84f6eb2426a66f21839e67f4bb18bb9
Sha1:   c339e759dd99d63478a9e8f1d3f63976a001bd26
Sha256: 3554aa96a4221cb3bf2062ba10fdb9a83e81fe8e8d08b3ae5a92edf6a1b7b2f7

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/facebook_icon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 313
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   313
Md5:    c517b7bb0978d5a3e38435ef5c844970
Sha1:   1c2134498faf941551df9dbb62814abb0f7b489f
Sha256: 8ce209b2d7e5800555cc229e8534bff0c682bee3aa36f285837addd50b182621

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/google_icon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 713
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   713
Md5:    e31cbd98ef74c574fccf7a8da6778cd8
Sha1:   cc8757a4da495c8dde2319fe2052757e615b3012
Sha256: 694b6ead1b83a91de30230afb33e9c7b087ae17e3a418af266b1406077eab467

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/linkedin_icon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 436
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   436
Md5:    f4250cff7ffd809440cc177021e58418
Sha1:   adcbae9c924ebb7b3182fcfe2e53ea9cfe43625c
Sha256: 336452f69ef3a98ac298f2686841c90dae7db1fca698a230c7bb627b7751208e

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272864&event=PageLoad&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32 HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 404 Not Found
content-type: text/html
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Accept-Ranges: bytes
Age: 6372
Cache-Control: max-age=147314
Date: Mon, 28 Nov 2022 17:57:53 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:53:07 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272895&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=182-6514-16~223-6251-32 HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 404 Not Found
content-type: text/html
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/pinterest_icon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 743
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   743
Md5:    9a636673b3028308e0ec6bf64d8da3fe
Sha1:   a8ecbdd3374284333027c777fb452cde0369212c
Sha256: 333d8baf4b77237c8c9f053f68239c072333883ebcde8eeb76ba09adfd3a4cd9

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/youtube_icon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 445
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   445
Md5:    b4fd0176c79028fc55621c326d456d0f
Sha1:   74088854f232db26851904e78b445f640d755172
Sha256: 6b2cd54a3f4fe48b36a87a4c0e4fa057436575aa76c0576c9294c616e49c51ce

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/twitter_icon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 570
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   570
Md5:    c2cc026f8a40e4aa481e485a856c6ba1
Sha1:   03ef453c644c650bd97ac3463f5f60158acaf9a2
Sha256: c877e0eee1228b4710eff05be680dac647d81ce7a99379918c4f9bda1e4ec892

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfblog_icon.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 594
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size:   594
Md5:    4a02e7da4ac21e067dd8542f456ef9f8
Sha1:   2dc14ae8aa840fe1f8f3b90ec04b80c7ea5a074a
Sha256: 25c19d7dac2fbb3f86f92b21a6113cc378fe3edee8218d0f44707edb54a79a18

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/search_bar_gray_button_45x30.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 1136
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 45 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size:   1136
Md5:    9f433801d8e2a5c769a44ed1a921f067
Sha1:   8225c607085129f640a188e03c7469e0b5e2440a
Sha256: e20b059c7051277dbb18d5ece18584c70670bc8afd3639cecf2587b391bd6bb5

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot_active.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 362
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced\012- data
Size:   362
Md5:    76efb056b5fb48805f21888a41023803
Sha1:   c0b85220d77b3bd7b6e89ea139b242b6aba729fd
Sha256: 4d76553824f903c7edb364b622d8713ab2339834a973d77c7b51b9bdd6bd0037

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-compass.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 3999
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 55 x 40, 8-bit/color RGBA, non-interlaced\012- data
Size:   3999
Md5:    98b2be6845f546309023dbef6c359710
Sha1:   d929f7682a939c78a2eabf9961929ca9f3276201
Sha256: 8ccf08a81271d23c713b8b55043da958d73f320217a251f4add4d633a942d6f7

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 254
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced
Size:   254
Md5:    b170ba6b4076625053ec18c669127981
Sha1:   0b2652123f854b7b39cb423dfa61fa9791630b52
Sha256: 786019624e9fc20ec043ec6d9ab95b3bdbe84c01e57e5365137560d4fef25a44

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-chevron.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 11345
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 193 x 102, 8-bit/color RGBA, non-interlaced
Size:   11345
Md5:    fbbfcdb97930520d667fe6436950b012
Sha1:   2c8cf141075458535125d9f48b2f3fd76f26eafd
Sha256: 88810d243d0ecf167d4e6ca367ce5eeee835b8ebae595fe4b9eb7c080b564ae7

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-survey1.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 1843
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 65 x 40, 8-bit/color RGBA, non-interlaced
Size:   1843
Md5:    4d8b724bc3b43e3172835f8c902832b8
Sha1:   51655f5da4101d56e11eaeca9c5c52a5b3280fda
Sha256: 7b77d7268f3ce696dda85b2ed68bad9973245bdcae3febb8cb3eea91dae7ca5c

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-graph.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 410
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 45 x 40, 8-bit/color RGBA, non-interlaced
Size:   410
Md5:    e7150ba69c24066736736611680a7457
Sha1:   19df90a537b21b2669d5067299921f4fbcceb5a5
Sha256: a17e190393ba8fc6e241aadb6c0ada6cfe8f27a4575137f8f902d95b1b8ae764

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-key-old-fashioned.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 801
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 44 x 40, 8-bit/color RGBA, non-interlaced
Size:   801
Md5:    fec96c74b755eedcc7a6a3283a746f4d
Sha1:   7977da3cb41bf7c3cfb6b1129faf4a4f863c9b48
Sha256: bd5ed6749993b69c53283b23e8bd67ad97fd32b95f62fa731aa87e588069985c

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-mortarboard.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 1206
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 64 x 40, 8-bit/color RGBA, non-interlaced
Size:   1206
Md5:    eb402a474a130ae7e9da78825319c138
Sha1:   d434b38c411ecef29ab81df0b4461d3b6645c46d
Sha256: a63872f091b6475feb1104466739105a8b949cb98efdb94c16091d1a46177554

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-lock.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 947
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 38 x 40, 8-bit/color RGBA, non-interlaced
Size:   947
Md5:    7b71a3a1ec5abd91f495a5f285a368e0
Sha1:   bbd30a1cd36647b9dc2f05c0aa30478428f46ef2
Sha256: a0151e148864598aa0a83538a18fb6807f8ef6611fb79e5fa6017301ba8c0f14

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia792_ph_vcbp0032686_227x288.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 28362
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=© Corbis. All Rights Reserved.], baseline, precision 8, 227x288, components 3
Size:   28362
Md5:    8bd80a2cc048dbfe00af7c524652b8ab
Sha1:   9f156ef428c9c86aa945804ded8c1efe0b15eba3
Sha256: 63247feabb1403069d67d3752329d693dd55ea89f868fe26c41dfa5eb685ab99

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-house.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 809
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 63 x 40, 8-bit/color RGBA, non-interlaced
Size:   809
Md5:    51a4de861c404232bc894ac45f2795e6
Sha1:   cd3384677e95a48480d1c80b73a9458c3bd3fea3
Sha256: 150cd3e453eaf9d45bab87fcb6a3d420b2f3893083cf6ddae3e63c9378e7c901

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_openw2saccount_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 3966
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced
Size:   3966
Md5:    9c8396c6fb54c9e82d00dd43aff3a38a
Sha1:   200dd96e99239338b113a0f9700855d0d726b866
Sha256: 6a32b9de78a5d369ca33aaafdd3f517e1af0573c5f297d0421567c10b6af9bae

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_iabrown_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 3692
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced
Size:   3692
Md5:    a444a797a76f8345711c90bb93ba7cac
Sha1:   113f4593453dbee15de550e3869829bae527f398
Sha256: efb6eee3edd815df498ce06c8cfa99a54a82d70195372d4933ea31b1a1b18d71

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_2ndprequalfindout06dm_227x238.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 28685
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 227x238, components 3
Size:   28685
Md5:    942108c0438cf456b39773abaa8f9010
Sha1:   b8d93e1dfce358040b6040709c8d7325507ba055
Sha256: 1f0af862d9699a4339a94792976cab45ee2e649323ade02ea5866936e5920151

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_txtchkbal_227x238.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 21845
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 227x238, components 3
Size:   21845
Md5:    0210cce875ab1bef3ec6d2d6a18dd80e
Sha1:   0a63f681efaa2c3085270893fb1c68cb811e8f57
Sha256: 2468f48257f01b79c5bc9b7bbdf31d07e39439187b46c475f7854971a1acbc23

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/stagecoach.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 4890
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 219x87, components 3
Size:   4890
Md5:    a7904a8bd73927bae00c902fb999b4ee
Sha1:   1fcde8e5697bdd02105d291a08d553fe8c0ab137
Sha256: 1f55cd70e90f5dcc98ed0b5555f10259828e3084d36d0567b15b35e5bd523823

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-equal-housing.gif HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/gif
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 776
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 14x10, components 3
Size:   776
Md5:    c1f4a5e719c90b47be1fa329d75b9d75
Sha1:   9438c4d9ffb750b70fd1f71640cd49234b645f36
Sha256: 397bf475ca4b12d3595efbfebb09b9dff2529df4c3a55e5a3bbe7fab0a5cefe7

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman_on-tablet_227x288.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 13512
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 227x288, components 3
Size:   13512
Md5:    6341680b80d4204ea9ebd8ff70a773f0
Sha1:   7c1e721f6b6770eee4bd4c9507c7fd4ce4aab4dd
Sha256: a471933037c90b4277436a6b2d5d1bc479586bba273713ba01de6e096befd16a

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 226XKl49c4p4aJ02RmnpAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        
                                             34.208.31.97
HTTP/1.1 101 Switching Protocols
                                            
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eB1zjVSMvuBTOKJ4kmvmeRHHUi0=

                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia432_ph_g132269213_227x240.gif HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/gif
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 26553
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  GIF image data, version 89a, 227 x 240
Size:   26553
Md5:    15b63e74526b4bde34562aed0b9826d4
Sha1:   e3e11223a938ddd6f3a185fc4e92663b4c7428de
Sha256: 50829a52b0a4383f442edf6d316d2e30932914ddc892024d639d2f198b00b36f

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/afg_usedcarapply_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:18 GMT
accept-ranges: bytes
content-length: 3769
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced
Size:   3769
Md5:    4d2979757f06f51ca43178d7e0479797
Sha1:   20ff96176514d8a4ccae374f1aafbe4c97ce82f9
Sha256: 8404eca0fa62587b3eabbe41a3f2bf6a7a1517137cb20ed4d261c87e2a4ccafe

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfi999_bn_d-nopaymentsnodiscv2_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 5787
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced
Size:   5787
Md5:    b103a16e8883695d2122ad8d5cae4050
Sha1:   bd599598eb2569c2b5dbd1fbefb33de33a6365df
Sha256: 81279882b10ea977c6c29cefbd0da60c87c41506309324b54132f33fc095f21d

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-left-grey.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:14 GMT
accept-ranges: bytes
content-length: 249
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced
Size:   249
Md5:    19cbd1a0375fe73721c9457a62daeab5
Sha1:   219e75260a18cb504000a1150a4d786a9404f5a8
Sha256: b7b4da4a2d23cfed6cf949e002d1b0ae50131842ae8fe953be76bf75cd9ab792

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-right-grey.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:15 GMT
accept-ranges: bytes
content-length: 259
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   259
Md5:    081fae7218ce29edcb76158a0d0211f5
Sha1:   26eafbb627087e18e8f01a838f6d493b76cfa4e0
Sha256: 429a57520c174b1d7527c72849aa58157e4dd589e83ab55f93c91a63c528823d

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia581_ph_g78750409_970x260.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 58008
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 970x260, components 3\012- data
Size:   58008
Md5:    1999238dcb57f22e1573dd325e26e995
Sha1:   27d4054dd68e2580222e0bd2aa390274bb05389e
Sha256: aea665d1dd1369add88b00765e48a4fea8e057c927ffed1c036a683714b88927

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman-farmers-market-227x288.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 40560
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 227 x 288, 8-bit colormap, non-interlaced\012- data
Size:   40560
Md5:    dcd148e28a4de0eca07b7a54752c24a4
Sha1:   0b4aa6cb589f0f693657fcd153dfbb2737617d96
Sha256: eebc9df9f8cf9bfab532c41cc0d1206cfe368001fb7b64ea3d1f37dd67bcd0d4

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_tx_abcb2135_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 5587
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Size:   5587
Md5:    c8ef81fe3462fb21d5f7e7f23bf6930a
Sha1:   022ae407f424be15c4cbc3ca4bb371cb6c707251
Sha256: 344f68ddf6f08d721982a3492f60979d26a9eda7d7b6aa48481cf27872ad9c40

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_savingssimpler_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 3851
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Size:   3851
Md5:    6cf3644db4a4c4a4b2b5e44e266eb8ed
Sha1:   0c33c1194ec47ee517539ba91c9cee182e51a710
Sha256: 7794f82cb97333d92415b5117d5e496098302e023974bbcbd6b4aef2d5172532

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfib999_tx_d-autosavings_234x144.gif HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/gif
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 8921
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  GIF image data, version 89a, 234 x 144\012- data
Size:   8921
Md5:    033496b6ca7baf54574cbb553d546097
Sha1:   eec7ebfdd50efbfaeaab95a8ee0bb4f2c5608570
Sha256: d06ee87c4b0bed9940a18d514d464c30308c669314db4838abe0b9487d52f155

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_970x260.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 60336
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 970x260, components 3\012- data
Size:   60336
Md5:    dabdf4172d8be974436f5a03f5ef5aa5
Sha1:   1fa358339b49b306df1179429a908e6d28eeba9b
Sha256: 560cc17a135f7d1bcf7447ae35759589206b9a8b2061911c77a36d4e9b7fffe0

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/ins_prudentialswitch1325_234x144.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 8736
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 234x144, components 3\012- data
Size:   8736
Md5:    ce48cf2abe027e6e1bdb8fb06bcfe025
Sha1:   96216a4c78d63a20452648bbc6ba29431ce2fe4c
Sha256: af8dc28e0f4535397b636865b8b0bc331e796835e557f7d8ca2bbadda0a1cddc

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/college_students_smartphone_227x288.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 35725
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 227x288, components 3\012- data
Size:   35725
Md5:    a6775600889532d6786bbe25f845177e
Sha1:   aa6e18dae191be7753cc7fc54d8d19915df8600d
Sha256: fc2a35d6d84b04811e4a6d17e67486ac2aea49b9101362e60395031fa460c546

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wifa999_tx_dabcbefs1561-2_234x144.gif HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/gif
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 8149
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  GIF image data, version 89a, 234 x 144\012- data
Size:   8149
Md5:    defe0f1bb9eb29a814fb2a5746509919
Sha1:   496329613fcd04ffeb08bfdf848dadfbb1796bff
Sha256: 87f1a19ba1e513760b638ce2143ec9109b1bd439bd86f786ff11775ee9b6458d

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chk_studentcheckingcd3138_234x144.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 7661
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 234x144, components 3\012- data
Size:   7661
Md5:    80804c44d928a26d28b7168a20dcebc0
Sha1:   364b010c6b1ecb1527c4369ca01f884a8446f6d3
Sha256: 8e316f70fee31b2003edb2e3efa1ce3ae79b7ff9d2b7e926d5121c6aeec0b941

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/fraud-center-woman-on-phone_227x288.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 36793
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 227 x 288, 8-bit colormap, non-interlaced\012- data
Size:   36793
Md5:    4e03f2782b3f0ceef3449410caa5962c
Sha1:   ad8f431f64754a3c4eac88753b00600e33d4cb8a
Sha256: b576ee4f5da90d65c3e8a37cbbb38cb897567cd6d31a2093ef325d324ac0f610

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/oth_cyberthreats_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 2714
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Size:   2714
Md5:    6e7690f71e79d41c51a19f9448762db0
Sha1:   27b79779ccbca311e7e6950e022bc29fc2a4dd4f
Sha256: 5ec58ca3e0a073320b85799204300f6e2bfc0996984bf59711617b2d8ac9c417

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_bn_ddatabreach_234x144.gif HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/gif
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 8143
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  GIF image data, version 89a, 234 x 144\012- data
Size:   8143
Md5:    cbcc050c759d0447061411c30f541bd9
Sha1:   8729cb9760505d0dba9276ddbb055f9ca6ad0c15
Sha256: 93ae03c539a699c75573b1b7bc106a817739e1db0b9648abc5d9afdf97e408fb

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-daughter_house-exterior_shoulders-airplane_227x288.jpg HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/jpeg
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 12993
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 227x288, components 3\012- data
Size:   12993
Md5:    4dbf3c384a10ece19cbad6102aade5f4
Sha1:   d1bcdd119b025a82b902916361616573ddfdd12f
Sha256: 957b98dc08bfec5841f634c6c362531bf01706a9f714afb1527a63b4d6ace525

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_fthbcourse1dmiwefthe2_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 4397
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Size:   4397
Md5:    e9c37660f84bbd309e152dc99245eae6
Sha1:   43508e2533e3bb4b96a1e086f7649247e4ff15c5
Sha256: 1352a8925707b31c9de50423c7564ecab9fa587bfbea846c1d2f6870ec132733

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-playing-soccer-with-kids-227x288.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 45106
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 227 x 288, 8-bit colormap, non-interlaced\012- data
Size:   45106
Md5:    2495ff161c51ef1387698f92b3e98742
Sha1:   2a4d8c111d0b73902dce9e1b4d8229a2843dbf09
Sha256: 650ede89afe55ae9979fe130589eaf8513c44f6596c47b4088881f779efa507b

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_234x144.png HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 200 OK
content-type: image/png
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 3947
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Size:   3947
Md5:    55d26fc341552f2fe704606121e13bcd
Sha1:   f049731a072f357cc8856a6fb844e43a2e5ddada
Sha256: 332f5a2d230c84db725e699ec245cba9765ac6ff022224ea7ed7353c3c20005c

urlquery:
  - Phishing - Wells Fargo
                                        
                                            GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/favicon2.ico HTTP/1.1 
Host: www.americantaxcredit.co
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
                                             107.161.23.11
HTTP/1.1 404 Not Found
content-type: text/html
                                            
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Blocklists:
  - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2204
Expires: Mon, 28 Nov 2022 18:34:39 GMT
Date: Mon, 28 Nov 2022 17:57:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2204
Expires: Mon, 28 Nov 2022 18:34:39 GMT
Date: Mon, 28 Nov 2022 17:57:55 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        
                                             23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                            
Server: nginx
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2204
Expires: Mon, 28 Nov 2022 18:34:39 GMT
Date: Mon, 28 Nov 2022 17:57:55 GMT
Connection: keep-alive

                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:41 GMT
age: 72674
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7556
Md5:    7e5051d8c06f69e1842a9295ce256a36
Sha1:   1a542a53ba0b1cd0fb23257ebed8166555f16dfb
Sha256: a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 71799
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9430
Md5:    1f434933b5bd6377d299ada22d1ae7ef
Sha1:   075531f525e625b117b2497f31139c9824d0e9c5
Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 71789
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6376
Md5:    78b1389f425425d0450c94d900404dc4
Sha1:   53b12a8702f7c5b7cc697e2a24da824d9434be65
Sha256: 0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 6954
x-amzn-requestid: 94a02687-72f2-4796-a7ea-d3f28b412566
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jHpGBVIAMFsSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787efd-22666b18283ae59b1348bf47;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: feZayJeKq9jWHQ-rjutNr6buIjLVeIdY0A_ZeGo6NKgoQ6BBT3XQaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:55:37 GMT
age: 32538
etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6954
Md5:    2212cf75f99dc67fd45db47f7101d754
Sha1:   4b4a8c8e8aeccfff25d2748720dcef8fed287126
Sha256: 7b2d2e302faba8f273b51031fa48b444cb7839733b90e8c9d077ca63637320d8
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 35176
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8885
Md5:    3a1a4e00f1f15827cf651f373863c379
Sha1:   70c2a238f06ca7e56ef80c83738e081bf0de3330
Sha256: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
                                        
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        
34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 72372
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10199
Md5:    2cd887044e91d7ed0f1a8d7119ff7dd0
Sha1:   ae8aa4ce6ddaccba771fe65446926b60fc5628da
Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
                                        
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658280864&event=LinkActivated&eventType=autoload&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32 HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
107.161.23.11
HTTP/1.1 404 Not Found
content-type: text/html
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-length: 1238
date: Mon, 28 Nov 2022 17:58:01 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   1238
Md5:    0bde7d4b3da67537eaf9188e6f8049cf
Sha1:   64300fc482d01d38b40ab20e15960b6509665e5a
Sha256: 5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
                                        
POST /tas HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 326
Origin: http://www.americantaxcredit.co
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/

                                        
107.161.23.11
HTTP/1.1 404 Not Found
content-type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://americantaxcredit.co/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 28 Nov 2022 17:58:01 GMT
server: LiteSpeed


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40089), with CRLF, LF line terminators
Size:   15749
Md5:    9a96df99652822423baab3ed489f93e4
Sha1:   372027411b14c4de147c210aaf5e1aae3cbdccfa
Sha256: cfa7bfaf6d313c997082891237bae23ab047d9acb6c7af93fb5ead7f3f9e11da