r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3974
Expires: Mon, 28 Nov 2022 19:04:06 GMT
Date: Mon, 28 Nov 2022 17:57:52 GMT
Connection: keep-alive
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq
107.161.23.11 301 Moved Permanently 707 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq
IP 107.161.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
fortinet Phishing
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Mon, 28 Nov 2022 17:57:52 GMT
server: LiteSpeed
location: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 71f9c681a82440fd55e76c780a20e55d
3147768cfbcdd06e0c6e69684292e68e99917a80
5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786"
Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6174
Expires: Mon, 28 Nov 2022 19:40:46 GMT
Date: Mon, 28 Nov 2022 17:57:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4295
Cache-Control: max-age=150304
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 17:57:52 GMT
Etag: "63848df9-1d7"
Expires: Wed, 30 Nov 2022 11:42:56 GMT
Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 4mVS3SN/SpYV8yH2lSqsWoTLaE1PkTEsQ8B6rmsVD0bbwdcZWBZHQUyiIEXVe7Acpoy1C3t0oq8=
x-amz-request-id: Q2Y27GVVTWG28KFH
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 17:45:07 GMT
age: 765
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 17:17:48 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2404
alt-svc: clear
X-Firefox-Spdy: h2
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
107.161.23.11 200 OK 13 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
IP 107.161.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (745)
Hash 551bfbeb03aff04c4348bb0eb5db6509
ac7bb78f6b228e8bbfe4035d8da23f591f84ae69
3bf0dafbd2ab54a0be3e0ced290a0eddc946d12dbdfea54ce5b15d0270fa3d94
Analyzer Verdict Alert fortinet Phishing
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/ HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
content-length: 12553
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 28 Nov 2022 17:57:52 GMT
server: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 17:57:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
107.161.23.11 200 OK 12 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
IP 107.161.23.11:0
Hash eb0fd640862a811714f839da807b42c8
58ed0dbc073f51b4cc5ea6ff13dc63f5fc285613
49da2a504647faed72b2d37df938858513f3adb7bd1c8d1725483d617f2422c8
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: text/css
last-modified: Mon, 28 Nov 2022 15:00:15 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 12348
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/jquery.js
107.161.23.11 200 OK 49 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/jquery.js
IP 107.161.23.11:0
Hash 14d63370852be37636ba7d23b97f816f
c7f48b93520f79b70abfd75c8468ed57181034ee
81d27b25147b3b8ae9e0a3b066ff5eb1d493f4f4f5cce7dec344c10f6da805d9
Analyzer Verdict Alert fortinet Phishing
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/jquery.js HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 15:00:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 48954
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wf-logo.gif
107.161.23.11 200 OK 3.7 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wf-logo.gif
IP 107.161.23.11:0
File type GIF image data, version 89a, 62 x 62\012- data
Hash d69ff1deb41d9c7593fcfdc0a6b395e2
4ea1efb99d83f3e9fc66d5f8141c4a9aab8a730f
edc5ee3b590dae17b0eb19063c34680c15ee144d13583d006e6a7976b69cd2db
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wf-logo.gif HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 3718
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/home.js
107.161.23.11 200 OK 32 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/home.js
IP 107.161.23.11:0
File type ASCII text, with very long lines (325)
Hash 453bf39287925688149f2c9c07fd5c35
524d3667509486d4ce95440fbaa944591c45a0e3
45709f53d6b4b063b299772316698c7b938215f7973bc01b4c431a1df35375a2
Analyzer Verdict Alert fortinet Phishing
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/js/home.js HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: application/javascript
last-modified: Mon, 28 Nov 2022 15:00:31 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 32057
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-lock-sm.png
107.161.23.11 200 OK 1.3 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-lock-sm.png
IP 107.161.23.11:0
File type PNG image data, 13 x 14, 8-bit colormap, non-interlaced\012- data
Hash 4f627420d188bbad8a77d9e50b01bb0f
42524d238a9e6b5c77bdc2e821d12540d4b8f8f5
a3c8f8c02df75338ec87757a65950f9152c56c4e34eb5f494f7e0c14cedfee95
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-lock-sm.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 1339
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_signon_bg.png
107.161.23.11 200 OK 2.8 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_signon_bg.png
IP 107.161.23.11:0
File type PNG image data, 226 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash ebae38552c16033c7783d5ac3c5eae00
3b5fd156bf8e89ffdc34456635e15913868ad919
15f93d64144d386c80082dd9f918e1f57878e15298954c250a463bb2e29a524b
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_signon_bg.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 2794
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/btn-icon-search.png
107.161.23.11 200 OK 1.3 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/btn-icon-search.png
IP 107.161.23.11:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9c4a13d12ae2cc124ac6600269afc485
5756dd6b6165af1bcfca526fccbaf6d980976bfd
da38fd7d6d2e1425dc8fecba13e64cd220d4f34d7c7d3ae76f9916d3b489b5d2
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/btn-icon-search.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 1295
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_lock_icon2.png
107.161.23.11 200 OK 301 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_lock_icon2.png
IP 107.161.23.11:0
File type PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 21eb546bd68969ea11086646e669d2b8
d553d8898af232bd0f23d21dc28b0849a67981b7
6f7fce83ca635384c825bc342dbfff2d929a0db91173dbff9e808397a2f2a787
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_lock_icon2.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 301
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 17:08:55 GMT
cache-control: public,max-age=3600
age: 2938
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon-shadow.png
107.161.23.11 200 OK 238 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon-shadow.png
IP 107.161.23.11:0
File type PNG image data, 3 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 80f06d6fe9d94714808a03acab734938
6d373046e99dc04e8d6405db20ee0f9290e0657e
3d4985981327dd5410104feb4cf4fb91538f0fa406a676e44a78210b5dc9ce8b
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon-shadow.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 238
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon.png
107.161.23.11 200 OK 3.0 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon.png
IP 107.161.23.11:0
File type PNG image data, 164 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 0064dc0e3cfb1d505b699825648bdbe5
cf53dc992d5d136bdddd7ed48fc13b1af5f03feb
461203b0b61c506410e8648871d59620da6f36d914a081577a1a6d01b7328baa
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-ribbon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 3002
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-footer.png
107.161.23.11 200 OK 1.4 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-footer.png
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 9x60, components 3\012- data
Hash de2b416f3f351aae7b9750fe5c0bafba
c168aa6e6b3232fb54658e8f03698a136c204f9f
1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-footer.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 1411
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_af_bg.gif
107.161.23.11 200 OK 1.2 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_af_bg.gif
IP 107.161.23.11:0
File type GIF image data, version 89a, 1 x 58\012- data
Hash 7b822f00c50f16fb36e926d9da1af789
18857d045970500cfe342e4deb1062b780e1a02c
df8002dd64de942cafd7f03bb00d3989f945e0a14a25231ff048654b66076584
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/hp_af_bg.gif HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 1213
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/arrow-right-gray.png
107.161.23.11 200 OK 1.0 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/arrow-right-gray.png
IP 107.161.23.11:0
File type PNG image data, 8 x 7, 8-bit/color RGBA, non-interlaced\012- data
Hash be505af34d87e1972b34b80aa1514877
a3ddb49f2bb237cdbdb0aa99811bc74029b1ad29
df500743bbedcef7623fdf2ef0c05ca411437c6216674271f4cc8b32f910f96d
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/arrow-right-gray.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 1036
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 931f6450c1bae373cd94f76ab4534ccd
ed46d8889d96a636a7faef169149fe8a1047932f
9f7aa1dec84d72db2f39c368336d6181146c73e5e2fb4c6be18eee98c9c58525
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4651
Cache-Control: max-age=140220
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 17:57:53 GMT
Etag: "63846532-1d7"
Expires: Wed, 30 Nov 2022 08:54:53 GMT
Last-Modified: Mon, 28 Nov 2022 07:37:22 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.wellsfargo.com/assets/images/global/chevron-large-left-grey.png
23.36.79.33 200 OK 249 B URL HTTP/1.1 www.wellsfargo.com/assets/images/global/chevron-large-left-grey.png
IP 23.36.79.33:0
ASN #20940 Akamai International B.V.
File type PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 19cbd1a0375fe73721c9457a62daeab5
219e75260a18cb504000a1150a4d786a9404f5a8
b7b4da4a2d23cfed6cf949e002d1b0ae50131842ae8fe953be76bf75cd9ab792
GET /assets/images/global/chevron-large-left-grey.png HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.americantaxcredit.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 249
Last-Modified: Fri, 24 May 2013 20:07:44 GMT
ETag: "519fc890-f9"
Expires: Sun, 09 Apr 2023 12:04:19 GMT
Cache-Control: max-age=15552000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Date: Mon, 28 Nov 2022 17:57:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=nq1te+3monO6oUykp+rrBQ%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia605_bn_b8172_0480_970x260.jpg
107.161.23.11 200 OK 52 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia605_bn_b8172_0480_970x260.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 970x260, components 3\012- data
Hash bdf3a9dc321722874c456e16ba7e0d07
1fa56defaff765c7e0308fa8791c569ff4fee681
a1ded3e26ba27d15cc2bab60253e986e9f9158f295c63a5e324a73060ba48e6f
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia605_bn_b8172_0480_970x260.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 52224
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 931f6450c1bae373cd94f76ab4534ccd
ed46d8889d96a636a7faef169149fe8a1047932f
9f7aa1dec84d72db2f39c368336d6181146c73e5e2fb4c6be18eee98c9c58525
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3723
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 17:57:53 GMT
Etag: "63846532-1d7"
Last-Modified: Mon, 28 Nov 2022 16:55:50 GMT
Server: ECS (amb/6B80)
X-Cache: HIT
Content-Length: 471
www.wellsfargo.com/assets/images/global/chevron-large-right-grey.png
23.36.79.33 200 OK 259 B URL HTTP/1.1 www.wellsfargo.com/assets/images/global/chevron-large-right-grey.png
IP 23.36.79.33:0
ASN #20940 Akamai International B.V.
File type PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 081fae7218ce29edcb76158a0d0211f5
26eafbb627087e18e8f01a838f6d493b76cfa4e0
429a57520c174b1d7527c72849aa58157e4dd589e83ab55f93c91a63c528823d
GET /assets/images/global/chevron-large-right-grey.png HTTP/1.1
Host: www.wellsfargo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.americantaxcredit.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/png
Content-Length: 259
Last-Modified: Fri, 24 May 2013 20:07:46 GMT
ETag: "519fc892-103"
Expires: Sun, 09 Apr 2023 08:03:40 GMT
Cache-Control: max-age=15552000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self' *.wellsfargo.com
Date: Mon, 28 Nov 2022 17:57:53 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000 ; includeSubDomains
Set-Cookie: DCID=X4mxlrXlFWYN0rWVmWPUbA%3d%3d; Domain=www.wellsfargo.com; Path=/; Expires=Thu, 01 Jan 1970 00:30:00 GMT;Httponly; Secure
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chevron-right-blue.png
107.161.23.11 200 OK 1.0 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chevron-right-blue.png
IP 107.161.23.11:0
File type PNG image data, 6 x 9, 8-bit/color RGBA, non-interlaced\012- data
Hash d84f6eb2426a66f21839e67f4bb18bb9
c339e759dd99d63478a9e8f1d3f63976a001bd26
3554aa96a4221cb3bf2062ba10fdb9a83e81fe8e8d08b3ae5a92edf6a1b7b2f7
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chevron-right-blue.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 1020
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/facebook_icon.png
107.161.23.11 200 OK 313 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/facebook_icon.png
IP 107.161.23.11:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash c517b7bb0978d5a3e38435ef5c844970
1c2134498faf941551df9dbb62814abb0f7b489f
8ce209b2d7e5800555cc229e8534bff0c682bee3aa36f285837addd50b182621
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/facebook_icon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 313
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/google_icon.png
107.161.23.11 200 OK 713 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/google_icon.png
IP 107.161.23.11:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash e31cbd98ef74c574fccf7a8da6778cd8
cc8757a4da495c8dde2319fe2052757e615b3012
694b6ead1b83a91de30230afb33e9c7b087ae17e3a418af266b1406077eab467
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/google_icon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 713
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/linkedin_icon.png
107.161.23.11 200 OK 436 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/linkedin_icon.png
IP 107.161.23.11:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash f4250cff7ffd809440cc177021e58418
adcbae9c924ebb7b3182fcfe2e53ea9cfe43625c
336452f69ef3a98ac298f2686841c90dae7db1fca698a230c7bb627b7751208e
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/linkedin_icon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 436
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272864&event=PageLoad&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32
107.161.23.11 404 Not Found 1.2 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272864&event=PageLoad&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32
IP 107.161.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272864&event=PageLoad&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32 HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6372
Cache-Control: max-age=147314
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 17:57:53 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:53:07 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272895&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=182-6514-16~223-6251-32
107.161.23.11 404 Not Found 1.2 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272895&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=182-6514-16~223-6251-32
IP 107.161.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658272895&event=PageLoad&eventDescription=DisplayRibbonCarouselItem&clist=182-6514-16~223-6251-32 HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/pinterest_icon.png
107.161.23.11 200 OK 743 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/pinterest_icon.png
IP 107.161.23.11:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash 9a636673b3028308e0ec6bf64d8da3fe
a8ecbdd3374284333027c777fb452cde0369212c
333d8baf4b77237c8c9f053f68239c072333883ebcde8eeb76ba09adfd3a4cd9
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/pinterest_icon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 743
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/youtube_icon.png
107.161.23.11 200 OK 445 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/youtube_icon.png
IP 107.161.23.11:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash b4fd0176c79028fc55621c326d456d0f
74088854f232db26851904e78b445f640d755172
6b2cd54a3f4fe48b36a87a4c0e4fa057436575aa76c0576c9294c616e49c51ce
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/youtube_icon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 445
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/twitter_icon.png
107.161.23.11 200 OK 570 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/twitter_icon.png
IP 107.161.23.11:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash c2cc026f8a40e4aa481e485a856c6ba1
03ef453c644c650bd97ac3463f5f60158acaf9a2
c877e0eee1228b4710eff05be680dac647d81ce7a99379918c4f9bda1e4ec892
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/twitter_icon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 570
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfblog_icon.png
107.161.23.11 200 OK 594 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfblog_icon.png
IP 107.161.23.11:0
File type PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Hash 4a02e7da4ac21e067dd8542f456ef9f8
2dc14ae8aa840fe1f8f3b90ec04b80c7ea5a074a
25c19d7dac2fbb3f86f92b21a6113cc378fe3edee8218d0f44707edb54a79a18
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfblog_icon.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 594
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/search_bar_gray_button_45x30.png
107.161.23.11 200 OK 1.1 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/search_bar_gray_button_45x30.png
IP 107.161.23.11:0
File type PNG image data, 45 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 9f433801d8e2a5c769a44ed1a921f067
8225c607085129f640a188e03c7469e0b5e2440a
e20b059c7051277dbb18d5ece18584c70670bc8afd3639cecf2587b391bd6bb5
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/search_bar_gray_button_45x30.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 1136
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot_active.png
107.161.23.11 200 OK 362 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot_active.png
IP 107.161.23.11:0
File type PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash 76efb056b5fb48805f21888a41023803
c0b85220d77b3bd7b6e89ea139b242b6aba729fd
4d76553824f903c7edb364b622d8713ab2339834a973d77c7b51b9bdd6bd0037
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot_active.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 362
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-compass.png
107.161.23.11 200 OK 4.0 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-compass.png
IP 107.161.23.11:0
File type PNG image data, 55 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 98b2be6845f546309023dbef6c359710
d929f7682a939c78a2eabf9961929ca9f3276201
8ccf08a81271d23c713b8b55043da958d73f320217a251f4add4d633a942d6f7
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-compass.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 3999
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot.png
107.161.23.11 200 OK 254 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot.png
IP 107.161.23.11:0
File type PNG image data, 12 x 11, 8-bit/color RGBA, non-interlaced\012- data
Hash b170ba6b4076625053ec18c669127981
0b2652123f854b7b39cb423dfa61fa9791630b52
786019624e9fc20ec043ec6d9ab95b3bdbe84c01e57e5365137560d4fef25a44
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/carousel_dot.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:20 GMT
accept-ranges: bytes
content-length: 254
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-chevron.png
107.161.23.11 200 OK 11 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-chevron.png
IP 107.161.23.11:0
File type PNG image data, 193 x 102, 8-bit/color RGBA, non-interlaced\012- data
Hash fbbfcdb97930520d667fe6436950b012
2c8cf141075458535125d9f48b2f3fd76f26eafd
88810d243d0ecf167d4e6ca367ce5eeee835b8ebae595fe4b9eb7c080b564ae7
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/bg-c63-chevron.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/css/homepage.css
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:19 GMT
accept-ranges: bytes
content-length: 11345
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-survey1.png
107.161.23.11 200 OK 1.8 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-survey1.png
IP 107.161.23.11:0
File type PNG image data, 65 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 4d8b724bc3b43e3172835f8c902832b8
51655f5da4101d56e11eaeca9c5c52a5b3280fda
7b77d7268f3ce696dda85b2ed68bad9973245bdcae3febb8cb3eea91dae7ca5c
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-survey1.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 1843
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-graph.png
107.161.23.11 200 OK 410 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-graph.png
IP 107.161.23.11:0
File type PNG image data, 45 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash e7150ba69c24066736736611680a7457
19df90a537b21b2669d5067299921f4fbcceb5a5
a17e190393ba8fc6e241aadb6c0ada6cfe8f27a4575137f8f902d95b1b8ae764
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-graph.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 410
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-key-old-fashioned.png
107.161.23.11 200 OK 801 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-key-old-fashioned.png
IP 107.161.23.11:0
File type PNG image data, 44 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash fec96c74b755eedcc7a6a3283a746f4d
7977da3cb41bf7c3cfb6b1129faf4a4f863c9b48
bd5ed6749993b69c53283b23e8bd67ad97fd32b95f62fa731aa87e588069985c
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-key-old-fashioned.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 801
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-mortarboard.png
107.161.23.11 200 OK 1.2 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-mortarboard.png
IP 107.161.23.11:0
File type PNG image data, 64 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash eb402a474a130ae7e9da78825319c138
d434b38c411ecef29ab81df0b4461d3b6645c46d
a63872f091b6475feb1104466739105a8b949cb98efdb94c16091d1a46177554
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-mortarboard.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 1206
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-lock.png
107.161.23.11 200 OK 947 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-lock.png
IP 107.161.23.11:0
File type PNG image data, 38 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 7b71a3a1ec5abd91f495a5f285a368e0
bbd30a1cd36647b9dc2f05c0aa30478428f46ef2
a0151e148864598aa0a83538a18fb6807f8ef6611fb79e5fa6017301ba8c0f14
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-lock.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 947
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia792_ph_vcbp0032686_227x288.jpg
107.161.23.11 200 OK 28 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia792_ph_vcbp0032686_227x288.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\302\251 Corbis. All Rights Reserved.], baseline, precision 8, 227x288, components 3\012- data
Hash 8bd80a2cc048dbfe00af7c524652b8ab
9f156ef428c9c86aa945804ded8c1efe0b15eba3
63247feabb1403069d67d3752329d693dd55ea89f868fe26c41dfa5eb685ab99
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia792_ph_vcbp0032686_227x288.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 28362
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-house.png
107.161.23.11 200 OK 809 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-house.png
IP 107.161.23.11:0
File type PNG image data, 63 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 51a4de861c404232bc894ac45f2795e6
cd3384677e95a48480d1c80b73a9458c3bd3fea3
150cd3e453eaf9d45bab87fcb6a3d420b2f3893083cf6ddae3e63c9378e7c901
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-c63-house.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:23 GMT
accept-ranges: bytes
content-length: 809
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_openw2saccount_234x144.png
107.161.23.11 200 OK 4.0 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_openw2saccount_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash 9c8396c6fb54c9e82d00dd43aff3a38a
200dd96e99239338b113a0f9700855d0d726b866
6a32b9de78a5d369ca33aaafdd3f517e1af0573c5f297d0421567c10b6af9bae
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_openw2saccount_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:53 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 3966
date: Mon, 28 Nov 2022 17:57:53 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_iabrown_234x144.png
107.161.23.11 200 OK 3.7 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_iabrown_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash a444a797a76f8345711c90bb93ba7cac
113f4593453dbee15de550e3869829bae527f398
efb6eee3edd815df498ce06c8cfa99a54a82d70195372d4933ea31b1a1b18d71
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_iabrown_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 3692
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_2ndprequalfindout06dm_227x238.jpg
107.161.23.11 200 OK 29 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_2ndprequalfindout06dm_227x238.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 227x238, components 3\012- data
Hash 942108c0438cf456b39773abaa8f9010
b8d93e1dfce358040b6040709c8d7325507ba055
1f0af862d9699a4339a94792976cab45ee2e649323ade02ea5866936e5920151
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_2ndprequalfindout06dm_227x238.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 28685
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_txtchkbal_227x238.jpg
107.161.23.11 200 OK 22 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_txtchkbal_227x238.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 227x238, components 3\012- data
Hash 0210cce875ab1bef3ec6d2d6a18dd80e
0a63f681efaa2c3085270893fb1c68cb811e8f57
2468f48257f01b79c5bc9b7bbdf31d07e39439187b46c475f7854971a1acbc23
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mba_txtchkbal_227x238.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 21845
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/stagecoach.jpg
107.161.23.11 200 OK 4.9 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/stagecoach.jpg
IP 107.161.23.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 219x87, components 3\012- data
Hash a7904a8bd73927bae00c902fb999b4ee
1fcde8e5697bdd02105d291a08d553fe8c0ab137
1f55cd70e90f5dcc98ed0b5555f10259828e3084d36d0567b15b35e5bd523823
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/stagecoach.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 4890
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-equal-housing.gif
107.161.23.11 200 OK 776 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-equal-housing.gif
IP 107.161.23.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 14x10, components 3\012- data
Hash c1f4a5e719c90b47be1fa329d75b9d75
9438c4d9ffb750b70fd1f71640cd49234b645f36
397bf475ca4b12d3595efbfebb09b9dff2529df4c3a55e5a3bbe7fab0a5cefe7
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/icon-equal-housing.gif HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 776
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman_on-tablet_227x288.jpg
107.161.23.11 200 OK 14 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman_on-tablet_227x288.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 227x288, components 3\012- data
Hash 6341680b80d4204ea9ebd8ff70a773f0
7c1e721f6b6770eee4bd4c9507c7fd4ce4aab4dd
a471933037c90b4277436a6b2d5d1bc479586bba273713ba01de6e096befd16a
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman_on-tablet_227x288.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 13512
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
push.services.mozilla.com/
34.208.31.97 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.208.31.97:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 226XKl49c4p4aJ02RmnpAA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: eB1zjVSMvuBTOKJ4kmvmeRHHUi0=
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia432_ph_g132269213_227x240.gif
107.161.23.11 200 OK 27 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia432_ph_g132269213_227x240.gif
IP 107.161.23.11:0
File type GIF image data, version 89a, 227 x 240\012- data
Hash 15b63e74526b4bde34562aed0b9826d4
e3e11223a938ddd6f3a185fc4e92663b4c7428de
50829a52b0a4383f442edf6d316d2e30932914ddc892024d639d2f198b00b36f
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia432_ph_g132269213_227x240.gif HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 26553
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/afg_usedcarapply_234x144.png
107.161.23.11 200 OK 3.8 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/afg_usedcarapply_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash 4d2979757f06f51ca43178d7e0479797
20ff96176514d8a4ccae374f1aafbe4c97ce82f9
8404eca0fa62587b3eabbe41a3f2bf6a7a1517137cb20ed4d261c87e2a4ccafe
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/afg_usedcarapply_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:18 GMT
accept-ranges: bytes
content-length: 3769
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfi999_bn_d-nopaymentsnodiscv2_234x144.png
107.161.23.11 200 OK 5.8 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfi999_bn_d-nopaymentsnodiscv2_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash b103a16e8883695d2122ad8d5cae4050
bd599598eb2569c2b5dbd1fbefb33de33a6365df
81279882b10ea977c6c29cefbd0da60c87c41506309324b54132f33fc095f21d
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfi999_bn_d-nopaymentsnodiscv2_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 5787
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-left-grey.png
107.161.23.11 200 OK 249 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-left-grey.png
IP 107.161.23.11:0
File type PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 19cbd1a0375fe73721c9457a62daeab5
219e75260a18cb504000a1150a4d786a9404f5a8
b7b4da4a2d23cfed6cf949e002d1b0ae50131842ae8fe953be76bf75cd9ab792
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-left-grey.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:14 GMT
accept-ranges: bytes
content-length: 249
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-right-grey.png
107.161.23.11 200 OK 259 B URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-right-grey.png
IP 107.161.23.11:0
File type PNG image data, 10 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 081fae7218ce29edcb76158a0d0211f5
26eafbb627087e18e8f01a838f6d493b76cfa4e0
429a57520c174b1d7527c72849aa58157e4dd589e83ab55f93c91a63c528823d
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/assets/images/global/chevron-large-right-grey.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:15 GMT
accept-ranges: bytes
content-length: 259
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia581_ph_g78750409_970x260.jpg
107.161.23.11 200 OK 58 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia581_ph_g78750409_970x260.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 970x260, components 3\012- data
Hash 1999238dcb57f22e1573dd325e26e995
27d4054dd68e2580222e0bd2aa390274bb05389e
aea665d1dd1369add88b00765e48a4fea8e057c927ffed1c036a683714b88927
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia581_ph_g78750409_970x260.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:28 GMT
accept-ranges: bytes
content-length: 58008
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman-farmers-market-227x288.png
107.161.23.11 200 OK 41 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman-farmers-market-227x288.png
IP 107.161.23.11:0
File type PNG image data, 227 x 288, 8-bit colormap, non-interlaced\012- data
Hash dcd148e28a4de0eca07b7a54752c24a4
0b4aa6cb589f0f693657fcd153dfbb2737617d96
eebc9df9f8cf9bfab532c41cc0d1206cfe368001fb7b64ea3d1f37dd67bcd0d4
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/woman-farmers-market-227x288.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 40560
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_tx_abcb2135_234x144.png
107.161.23.11 200 OK 5.6 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_tx_abcb2135_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash c8ef81fe3462fb21d5f7e7f23bf6930a
022ae407f424be15c4cbc3ca4bb371cb6c707251
344f68ddf6f08d721982a3492f60979d26a9eda7d7b6aa48481cf27872ad9c40
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_tx_abcb2135_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 5587
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_savingssimpler_234x144.png
107.161.23.11 200 OK 3.9 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_savingssimpler_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash 6cf3644db4a4c4a4b2b5e44e266eb8ed
0c33c1194ec47ee517539ba91c9cee182e51a710
7794f82cb97333d92415b5117d5e496098302e023974bbcbd6b4aef2d5172532
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/sav_savingssimpler_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:27 GMT
accept-ranges: bytes
content-length: 3851
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfib999_tx_d-autosavings_234x144.gif
107.161.23.11 200 OK 8.9 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfib999_tx_d-autosavings_234x144.gif
IP 107.161.23.11:0
File type GIF image data, version 89a, 234 x 144\012- data
Hash 033496b6ca7baf54574cbb553d546097
eec7ebfdd50efbfaeaab95a8ee0bb4f2c5608570
d06ee87c4b0bed9940a18d514d464c30308c669314db4838abe0b9487d52f155
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfib999_tx_d-autosavings_234x144.gif HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 8921
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_970x260.jpg
107.161.23.11 200 OK 60 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_970x260.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 970x260, components 3\012- data
Hash dabdf4172d8be974436f5a03f5ef5aa5
1fa358339b49b306df1179429a908e6d28eeba9b
560cc17a135f7d1bcf7447ae35759589206b9a8b2061911c77a36d4e9b7fffe0
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_970x260.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 60336
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/ins_prudentialswitch1325_234x144.jpg
107.161.23.11 200 OK 8.7 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/ins_prudentialswitch1325_234x144.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 234x144, components 3\012- data
Hash ce48cf2abe027e6e1bdb8fb06bcfe025
96216a4c78d63a20452648bbc6ba29431ce2fe4c
af8dc28e0f4535397b636865b8b0bc331e796835e557f7d8ca2bbadda0a1cddc
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/ins_prudentialswitch1325_234x144.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:24 GMT
accept-ranges: bytes
content-length: 8736
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/college_students_smartphone_227x288.jpg
107.161.23.11 200 OK 36 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/college_students_smartphone_227x288.jpg
IP 107.161.23.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 227x288, components 3\012- data
Hash a6775600889532d6786bbe25f845177e
aa6e18dae191be7753cc7fc54d8d19915df8600d
fc2a35d6d84b04811e4a6d17e67486ac2aea49b9101362e60395031fa460c546
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/college_students_smartphone_227x288.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 35725
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wifa999_tx_dabcbefs1561-2_234x144.gif
107.161.23.11 200 OK 8.1 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wifa999_tx_dabcbefs1561-2_234x144.gif
IP 107.161.23.11:0
File type GIF image data, version 89a, 234 x 144\012- data
Hash defe0f1bb9eb29a814fb2a5746509919
496329613fcd04ffeb08bfdf848dadfbb1796bff
87f1a19ba1e513760b638ce2143ec9109b1bd439bd86f786ff11775ee9b6458d
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wifa999_tx_dabcbefs1561-2_234x144.gif HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 15:00:30 GMT
accept-ranges: bytes
content-length: 8149
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chk_studentcheckingcd3138_234x144.jpg
107.161.23.11 200 OK 7.7 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chk_studentcheckingcd3138_234x144.jpg
IP 107.161.23.11:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 234x144, components 3\012- data
Hash 80804c44d928a26d28b7168a20dcebc0
364b010c6b1ecb1527c4369ca01f884a8446f6d3
8e316f70fee31b2003edb2e3efa1ce3ae79b7ff9d2b7e926d5121c6aeec0b941
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/chk_studentcheckingcd3138_234x144.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 7661
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/fraud-center-woman-on-phone_227x288.png
107.161.23.11 200 OK 37 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/fraud-center-woman-on-phone_227x288.png
IP 107.161.23.11:0
File type PNG image data, 227 x 288, 8-bit colormap, non-interlaced\012- data
Hash 4e03f2782b3f0ceef3449410caa5962c
ad8f431f64754a3c4eac88753b00600e33d4cb8a
b576ee4f5da90d65c3e8a37cbbb38cb897567cd6d31a2093ef325d324ac0f610
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/fraud-center-woman-on-phone_227x288.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 36793
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/oth_cyberthreats_234x144.png
107.161.23.11 200 OK 2.7 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/oth_cyberthreats_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash 6e7690f71e79d41c51a19f9448762db0
27b79779ccbca311e7e6950e022bc29fc2a4dd4f
5ec58ca3e0a073320b85799204300f6e2bfc0996984bf59711617b2d8ac9c417
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/oth_cyberthreats_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 2714
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_bn_ddatabreach_234x144.gif
107.161.23.11 200 OK 8.1 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_bn_ddatabreach_234x144.gif
IP 107.161.23.11:0
File type GIF image data, version 89a, 234 x 144\012- data
Hash cbcc050c759d0447061411c30f541bd9
8729cb9760505d0dba9276ddbb055f9ca6ad0c15
93ae03c539a699c75573b1b7bc106a817739e1db0b9648abc5d9afdf97e408fb
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/wfia999_bn_ddatabreach_234x144.gif HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/gif
last-modified: Mon, 28 Nov 2022 15:00:29 GMT
accept-ranges: bytes
content-length: 8143
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-daughter_house-exterior_shoulders-airplane_227x288.jpg
107.161.23.11 200 OK 13 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-daughter_house-exterior_shoulders-airplane_227x288.jpg
IP 107.161.23.11:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 227x288, components 3\012- data
Hash 4dbf3c384a10ece19cbad6102aade5f4
d1bcdd119b025a82b902916361616573ddfdd12f
957b98dc08bfec5841f634c6c362531bf01706a9f714afb1527a63b4d6ace525
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-daughter_house-exterior_shoulders-airplane_227x288.jpg HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/jpeg
last-modified: Mon, 28 Nov 2022 15:00:21 GMT
accept-ranges: bytes
content-length: 12993
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_fthbcourse1dmiwefthe2_234x144.png
107.161.23.11 200 OK 4.4 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_fthbcourse1dmiwefthe2_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash e9c37660f84bbd309e152dc99245eae6
43508e2533e3bb4b96a1e086f7649247e4ff15c5
1352a8925707b31c9de50423c7564ecab9fa587bfbea846c1d2f6870ec132733
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_fthbcourse1dmiwefthe2_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:26 GMT
accept-ranges: bytes
content-length: 4397
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-playing-soccer-with-kids-227x288.png
107.161.23.11 200 OK 45 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-playing-soccer-with-kids-227x288.png
IP 107.161.23.11:0
File type PNG image data, 227 x 288, 8-bit colormap, non-interlaced\012- data
Hash 2495ff161c51ef1387698f92b3e98742
2a4d8c111d0b73902dce9e1b4d8229a2843dbf09
650ede89afe55ae9979fe130589eaf8513c44f6596c47b4088881f779efa507b
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/father-playing-soccer-with-kids-227x288.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:22 GMT
accept-ranges: bytes
content-length: 45106
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_234x144.png
107.161.23.11 200 OK 3.9 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_234x144.png
IP 107.161.23.11:0
File type PNG image data, 234 x 144, 8-bit colormap, non-interlaced\012- data
Hash 55d26fc341552f2fe704606121e13bcd
f049731a072f357cc8856a6fb844e43a2e5ddada
332f5a2d230c84db725e699ec245cba9765ac6ff022224ea7ed7353c3c20005c
Analyzer Verdict Alert urlquery Phishing - Wells Fargo
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/img/mtg_buyingprequaldmiweghcpp_234x144.png HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Mon, 05 Dec 2022 17:57:54 GMT
content-type: image/png
last-modified: Mon, 28 Nov 2022 15:00:25 GMT
accept-ranges: bytes
content-length: 3947
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/favicon2.ico
107.161.23.11 404 Not Found 1.2 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/favicon2.ico
IP 107.161.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
Analyzer Verdict Alert fortinet Phishing
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/favicon2.ico HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 28 Nov 2022 17:57:54 GMT
server: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2204
Expires: Mon, 28 Nov 2022 18:34:39 GMT
Date: Mon, 28 Nov 2022 17:57:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:41 GMT
age: 72674
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 71799
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78b1389f425425d0450c94d900404dc4
53b12a8702f7c5b7cc697e2a24da824d9434be65
0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6376
x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KGeaoAMFb_Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:26 GMT
age: 71789
etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2212cf75f99dc67fd45db47f7101d754
4b4a8c8e8aeccfff25d2748720dcef8fed287126
7b2d2e302faba8f273b51031fa48b444cb7839733b90e8c9d077ca63637320d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6954
x-amzn-requestid: 94a02687-72f2-4796-a7ea-d3f28b412566
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b1jHpGBVIAMFsSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63787efd-22666b18283ae59b1348bf47;Sampled=0
x-amzn-remapped-date: Sat, 19 Nov 2022 07:00:13 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: feZayJeKq9jWHQ-rjutNr6buIjLVeIdY0A_ZeGo6NKgoQ6BBT3XQaw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:55:37 GMT
age: 32538
etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a1a4e00f1f15827cf651f373863c379
70c2a238f06ca7e56ef80c83738e081bf0de3330
3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8885
x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGDTEFSeIAMF3rg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 08:11:39 GMT
age: 35176
etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2cd887044e91d7ed0f1a8d7119ff7dd0
ae8aa4ce6ddaccba771fe65446926b60fc5628da
bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10199
x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iF1VIAMF09g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:43 GMT
age: 72372
etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658280864&event=LinkActivated&eventType=autoload&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32
107.161.23.11 404 Not Found 1.2 kB URL HTTP/1.1 www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658280864&event=LinkActivated&eventType=autoload&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32
IP 107.161.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/img/s.gif?log=1&pid=222-6531-64&pageUrl=http%3A%2F%2Fwww.americantaxcredit.co%2F~medscrip%2Fbjauosflfa.dz5e6ql1b6ip%2Fzx7zkuaxg97a6j1p.u1grkt8mkapj0tjks%2Fc6vrvuto4anvf4qx.i09u14uic8093krdzmg%2Frg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq%2F&cb=1669658280864&event=LinkActivated&eventType=autoload&eventDescription=DisplayMarqueeCarouselItem&clist=242-6525-16~224-6277-32 HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 28 Nov 2022 17:58:01 GMT
server: LiteSpeed
www.americantaxcredit.co/tas
107.161.23.11 404 Not Found 16 kB URL HTTP/1.1 www.americantaxcredit.co/tas
IP 107.161.23.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (40089), with CRLF, LF line terminators
Hash 9a96df99652822423baab3ed489f93e4
372027411b14c4de147c210aaf5e1aae3cbdccfa
cfa7bfaf6d313c997082891237bae23ab047d9acb6c7af93fb5ead7f3f9e11da
POST /tas HTTP/1.1
Host: www.americantaxcredit.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 326
Origin: http://www.americantaxcredit.co
Connection: keep-alive
Referer: http://www.americantaxcredit.co/~medscrip/bjauosflfa.dz5e6ql1b6ip/zx7zkuaxg97a6j1p.u1grkt8mkapj0tjks/c6vrvuto4anvf4qx.i09u14uic8093krdzmg/rg8iplb9469q.jy5xe9tzxduvew.alle48x19v8wq/
HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
content-type: text/html; charset=UTF-8
link: <https://americantaxcredit.co/wp-json/>; rel="https://api.w.org/"
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 28 Nov 2022 17:58:01 GMT
server: LiteSpeed