tax-refund-calculation.co.uk Open in urlscan Pro
185.252.144.33 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tax-refund-calculation.co.uk/
Effective URL:
https://tax-refund-calculation.co.uk/step1.php
Submission: On March 06 via automatic, source certstream-suspicious (March 6th 2022, 10:07:48 pm UTC) — Scanned from DE

Summary HTTP 25 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 25 HTTP transactions. The main IP is 185.252.144.33, located in Helsinki, Finland and belongs to FIRST-SERVER-EU-AS, SC. The main domain is tax-refund-calculation.co.uk.
TLS certificate: Issued by R3 on March 6th 2022. Valid for: 3 months.

This is the only time tax-refund-calculation.co.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 15	185.252.144.33 185.252.144.33	200740 (FIRST-SER...) (FIRST-SERVER-EU-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
9	2a04:4e42::144 2a04:4e42::144	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	4

15 185.252.144.33 (Helsinki, Finland) 1 redirects

ASN200740 (FIRST-SERVER-EU-AS, SC)
PTR: vm1517541.firstbyte.club

tax-refund-calculation.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a04:4e42::144 (United States)

ASN54113 (FASTLY, US)

www.gov.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	tax-refund-calculation.co.uk 1 redirects tax-refund-calculation.co.uk	892 KB
9	www.gov.uk www.gov.uk — Cisco Umbrella Rank: 18174	134 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
25	4

	Domain	Requested by
15	tax-refund-calculation.co.uk	1 redirects tax-refund-calculation.co.uk
9	www.gov.uk	tax-refund-calculation.co.uk
1	cdnjs.cloudflare.com	tax-refund-calculation.co.uk
1	www.google-analytics.com	tax-refund-calculation.co.uk
25	4

This site contains links to these domains. Also see Links.

Domain
www.gov.uk
www.nationalarchives.gov.uk

Subject Issuer	Validity	Valid
tax-refund-calculation.co.uk R3	`2022-03-06` - `2022-06-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.gov.uk GlobalSign RSA OV SSL CA 2018	`2021-11-18` - `2022-12-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://tax-refund-calculation.co.uk/step1.php
Frame ID: 985E9635A15D27F82F224161625D3142
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HRMC - Identity Verification - GOV.UK

Page URL History Show full URLs

https://tax-refund-calculation.co.uk/ HTTP 302
https://tax-refund-calculation.co.uk/step1.php Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

GOV.UK Frontend (UI frameworks) Expand

Overall confidence: 80%
Detected patterns

<body[^>]+govuk-template__body
<a[^>]+govuk-link

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

25
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1051 kB
Transfer

1287 kB
Size

3
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.gov.uk/
Title: GOV.UK

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/doc/open-government-licence/version/3/
Title: Open Government Licence v3.0

Search URL Search Domain Scan URL

URL: https://www.nationalarchives.gov.uk/information-management/re-using-public-sector-information/uk-government-licensing-framework/crown-copyright/
Title: © Crown copyright

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tax-refund-calculation.co.uk/ HTTP 302
https://tax-refund-calculation.co.uk/step1.php Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request step1.php Show response
tax-refund-calculation.co.uk/
Redirect Chain

https://tax-refund-calculation.co.uk/
https://tax-refund-calculation.co.uk/step1.php

68 KB
69 KB

131ms
131ms

Document
text/html

185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: d928fa5bd4f2e53a4d747911f36c06817fba8ff26ef9125beb22cfd66bc7d4d8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

Redirect headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Server: Apache
Location: step1.php
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK main.1e1767e.min2.css
tax-refund-calculation.co.uk/css/ 216 KB
216 KB 143ms
68ms Stylesheet
text/css 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/css/main.1e1767e.min2.css
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: 9112312ac02f00f2bf43b6ee6cd30a20ab9a22e19182159e0792a8547274f8d1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Wed, 16 Feb 2022 12:06:48 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 220679

GET
H/1.1 200
OK login.1e1767e.min.css
tax-refund-calculation.co.uk/css/ 68 KB
68 KB 200ms
68ms Stylesheet
text/css 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/css/login.1e1767e.min.css
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: 7f2548ca77dd03dfa09b5d4b083e432e6eff5f98032394a3b0ee662d2f5a65d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Tue, 24 Nov 2020 15:59:52 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 69166

GET
H/1.1 200
OK jquery-1.js Show response
tax-refund-calculation.co.uk/assets/assets/files/ 262 KB
262 KB 281ms
69ms Script
application/javascript 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/assets/files/jquery-1.js
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Tue, 24 Nov 2020 15:59:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 268381

GET
H/1.1 200
OK jquery_002.js Show response
tax-refund-calculation.co.uk/assets/assets/files/ 21 KB
21 KB 289ms
67ms Script
application/javascript 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/assets/files/jquery_002.js
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: 8244de8a4015fa72470e8be9b4203dd6238883d2c5f6a46263521bb5da9e2d70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Tue, 24 Nov 2020 15:59:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 21083

GET
H/1.1 200
OK jquery_003.js Show response
tax-refund-calculation.co.uk/assets/assets/files/ 17 KB
17 KB 376ms
83ms Script
application/javascript 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/assets/files/jquery_003.js
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: 190b90b1f62ad6798fca4c93adce6d0205c13b960b609af306f2d87b54885f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Tue, 24 Nov 2020 15:59:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 16962

GET
H/1.1 200
OK jquery.js Show response
tax-refund-calculation.co.uk/assets/assets/files/ 10 KB
10 KB 394ms
67ms Script
application/javascript 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/assets/files/jquery.js
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: 7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Tue, 24 Nov 2020 15:59:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 10317

GET
H/1.1 200
OK Valid.js Show response
tax-refund-calculation.co.uk/assets/assets/files/ 35 KB
36 KB 415ms
73ms Script
application/javascript 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/assets/files/Valid.js
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: 31cb86aa3e2352bac781aae0de892f456cbc796fcf1df9375a99a661579c9efa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Tue, 24 Nov 2020 15:59:50 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 36159

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1971
date: Sun, 06 Mar 2022 21:34:53 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 06 Mar 2022 23:34:53 GMT

GET
H2 200 lux-reporter-07c3035587fe275e5daf5db7d32638fc313a5032c1555eab99f19973d53a3e9e.js Show response
www.gov.uk/assets/static/govuk_publishing_components/vendor/lux/ 17 KB
6 KB 7ms
7ms Script
application/javascript 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gov.uk/assets/static/govuk_publishing_components/vendor/lux/lux-reporter-07c3035587fe275e5daf5db7d32638fc313a5032c1555eab99f19973d53a3e9e.js

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

07c3035587fe275e5daf5db7d32638fc313a5032c1555eab99f19973d53a3e9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
content-encoding: br
etag: "60e412e4-4588"
age: 259181
x-cache: HIT
x-cache-hits: 1
content-length: 5983
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 06 Jul 2021 08:23:00 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
x-timer: S1646604465.764723,VS0,VE1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lux-measurer-2953485ff03af7b9ea4c6a6170eeae0e42d13011e7ab0d7f31552c6c68b1ea08.js Show response
www.gov.uk/assets/static/govuk_publishing_components/vendor/lux/ 2 KB
805 B 7ms
6ms Script
application/javascript 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gov.uk/assets/static/govuk_publishing_components/vendor/lux/lux-measurer-2953485ff03af7b9ea4c6a6170eeae0e42d13011e7ab0d7f31552c6c68b1ea08.js

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2953485ff03af7b9ea4c6a6170eeae0e42d13011e7ab0d7f31552c6c68b1ea08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
content-encoding: br
etag: "60e412e5-79a"
age: 1015954
x-cache: HIT
x-cache-hits: 6429
content-length: 694
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 06 Jul 2021 08:23:01 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
x-timer: S1646604465.769323,VS0,VE0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 rum-loader-e1f6e34550176df772357c41481daec62093a0adc77ddaca6671f8607dd4c345.js Show response
www.gov.uk/assets/static/govuk_publishing_components/ 636 B
464 B 8ms
7ms Script
application/javascript 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gov.uk/assets/static/govuk_publishing_components/rum-loader-e1f6e34550176df772357c41481daec62093a0adc77ddaca6671f8607dd4c345.js

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e1f6e34550176df772357c41481daec62093a0adc77ddaca6671f8607dd4c345

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
content-encoding: br
etag: "60e412e3-27c"
age: 421905
x-cache: HIT
x-cache-hits: 1
content-length: 357
x-served-by: cache-hhn4055-HHN
last-modified: Tue, 06 Jul 2021 08:22:59 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
x-timer: S1646604465.769483,VS0,VE1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK application-eeefd93bb4e3a40533688e62bae6a241ff74802cba07f6da687198e517c4b13e.css
tax-refund-calculation.co.uk/css/ 193 KB
193 KB 200ms
69ms Stylesheet
text/css 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/css/application-eeefd93bb4e3a40533688e62bae6a241ff74802cba07f6da687198e517c4b13e.css
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash: f1c08150ed78a0db65c0099c8784d5efa8f193e07e803a8ea823397a94dbe5b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Last-Modified: Wed, 16 Feb 2022 12:01:00 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 197891

GET
H/1.1 404
Not Found application-0e6f1b796b951ca0e07ce65f537ba3045e163b208c897f53b1fd4f36993385cc.css
tax-refund-calculation.co.uk/assets/government-frontend/ 0
0 221ms
69ms Stylesheet
text/html 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/government-frontend/application-0e6f1b796b951ca0e07ce65f537ba3045e163b208c897f53b1fd4f36993385cc.css
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 application-2be6729d764d43d01fa6a31482db9b11a7fa1212d9cd08d2ef74330edbba582a.js Show response
www.gov.uk/assets/static/ 186 KB
53 KB 61ms
8ms Script
application/javascript 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gov.uk/assets/static/application-2be6729d764d43d01fa6a31482db9b11a7fa1212d9cd08d2ef74330edbba582a.js

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

2be6729d764d43d01fa6a31482db9b11a7fa1212d9cd08d2ef74330edbba582a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
content-encoding: br
etag: "62064fe2-2e631"
age: 1628606
x-cache: HIT
x-cache-hits: 1
content-length: 53564
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 11 Feb 2022 12:00:34 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
x-timer: S1646604464.441308,VS0,VE1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found application-ab19aa02766903b3db060e5924411efd813c6bfd371860c3f8dcb9dbc8f75961.js
tax-refund-calculation.co.uk/assets/government-frontend/ 0
0 375ms
67ms Script
text/html 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/government-frontend/application-ab19aa02766903b3db060e5924411efd813c6bfd371860c3f8dcb9dbc8f75961.js
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=96
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 jquery.mask.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ 20 KB
5 KB 58ms
22ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Mar 2022 22:07:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 786676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-4e98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JL7pzI0eME5%2FoowDXsiUxWvJalnMO5sD5WrhvpfbxK1Z%2Fgc7SyyxvZCz9Tcc55iYfwqx9bcDjF%2FDFSlpBSsjuIm2MT1vouph%2BjP8WsHs9MqJW1gWPwZoNz5MnJL8PzYfKwZzAo0THnhnqQmmHLMq7cUi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e7e67eedbaf9bf4-FRA
expires: Fri, 24 Feb 2023 22:07:44 GMT

GET
H2 200 print-9c2fcb462904250f78858369ad2a644eeb16c3e0beafc9f253d3fa08b23d1314.css
www.gov.uk/assets/static/ 56 KB
6 KB 8ms
8ms Stylesheet
text/css 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gov.uk/assets/static/print-9c2fcb462904250f78858369ad2a644eeb16c3e0beafc9f253d3fa08b23d1314.css

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

9c2fcb462904250f78858369ad2a644eeb16c3e0beafc9f253d3fa08b23d1314

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
content-encoding: br
etag: "6196718e-df3a"
age: 4742315
x-cache: HIT
x-cache-hits: 1
content-length: 6143
x-served-by: cache-hhn4055-HHN
last-modified: Thu, 18 Nov 2021 15:30:22 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
via: 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
x-timer: S1646604465.769618,VS0,VE1
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found print-7e5d5687b824df6b00986ff3e8a7989532e6e7a4b0e747f70338c308b60285f7.css
tax-refund-calculation.co.uk/assets/government-frontend/ 0
0 69ms
68ms Stylesheet
text/html 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/assets/government-frontend/print-7e5d5687b824df6b00986ff3e8a7989532e6e7a4b0e747f70338c308b60285f7.css
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/step1.php
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/step1.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=95
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 light-94a07e06a1-v2-eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0.woff2
www.gov.uk/assets/static/ 33 KB
33 KB 20ms
6ms Font
font/woff2 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gov.uk/assets/static/light-94a07e06a1-v2-eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0.woff2

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/css/application-eeefd93bb4e3a40533688e62bae6a241ff74802cba07f6da687198e517c4b13e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://tax-refund-calculation.co.uk/
Origin: https://tax-refund-calculation.co.uk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
via: 1.1 varnish
etag: "5fbfa0d5-8266"
age: 1544731
x-cache: HIT
content-length: 33382
x-served-by: cache-hhn4039-HHN
last-modified: Thu, 26 Nov 2020 12:34:29 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
x-timer: S1646604465.787339,VS0,VE0
access-control-allow-headers: origin, authorization
x-cache-hits: 19

GET
H2 200 bold-b542beb274-v2-06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47.woff2
www.gov.uk/assets/static/ 31 KB
31 KB 21ms
8ms Font
font/woff2 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gov.uk/assets/static/bold-b542beb274-v2-06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47.woff2

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/css/application-eeefd93bb4e3a40533688e62bae6a241ff74802cba07f6da687198e517c4b13e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Referer: https://tax-refund-calculation.co.uk/
Origin: https://tax-refund-calculation.co.uk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
via: 1.1 varnish
etag: "62010192-7af8"
age: 2324974
x-cache: HIT
content-length: 31480
x-served-by: cache-hhn4039-HHN
last-modified: Mon, 07 Feb 2022 11:25:06 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
access-control-allow-methods: GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: *
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
accept-ranges: bytes
x-timer: S1646604465.787449,VS0,VE0
access-control-allow-headers: origin, authorization
x-cache-hits: 9

GET
H/1.1 404
Not Found nobblee_light.woff
tax-refund-calculation.co.uk/fonts/ 0
0 66ms
66ms Font
text/html 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/fonts/nobblee_light.woff
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/css/main.1e1767e.min2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash

Request headers

Referer: https://tax-refund-calculation.co.uk/css/main.1e1767e.min2.css
Origin: https://tax-refund-calculation.co.uk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 action-link-arrow--simple-light-404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8.svg
www.gov.uk/assets/static/govuk_publishing_components/ 431 B
512 B 6ms
6ms Image
image/svg+xml 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gov.uk/assets/static/govuk_publishing_components/action-link-arrow--simple-light-404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8.svg

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/css/application-eeefd93bb4e3a40533688e62bae6a241ff74802cba07f6da687198e517c4b13e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
content-encoding: br
etag: "5f89da48-1af"
age: 1026810
x-cache: HIT
x-cache-hits: 6468
content-length: 206
x-served-by: cache-hhn4055-HHN
last-modified: Fri, 16 Oct 2020 17:37:12 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
vary: Accept-Encoding
content-type: image/svg+xml
via: 1.1 varnish
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
x-timer: S1646604465.820853,VS0,VE0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 govuk-crest-bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b.png
www.gov.uk/assets/static/ 4 KB
4 KB 7ms
6ms Image
image/png 2a04:4e42::144
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gov.uk/assets/static/govuk-crest-bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b.png

Requested by

Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/css/application-eeefd93bb4e3a40533688e62bae6a241ff74802cba07f6da687198e517c4b13e.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::144 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tax-refund-calculation.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload
via: 1.1 varnish
etag: "5fbf9ef5-e00"
age: 503739
x-cache: HIT
x-cache-hits: 16
content-length: 3584
x-served-by: cache-hhn4055-HHN
last-modified: Thu, 26 Nov 2020 12:26:29 GMT
server: nginx
fastly-backend-name: origin
date: Sun, 06 Mar 2022 22:07:44 GMT
content-type: image/png
cache-control: max-age=315360000, public, immutable
accept-ranges: bytes
x-timer: S1646604465.822582,VS0,VE0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 404
Not Found nobblee_light.ttf
tax-refund-calculation.co.uk/fonts/core/ 0
0 65ms
65ms Font
text/html 185.252.144.33
FIRST-SERVER-EU-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tax-refund-calculation.co.uk/fonts/core/nobblee_light.ttf
Requested by: Host: tax-refund-calculation.co.uk
URL: https://tax-refund-calculation.co.uk/css/main.1e1767e.min2.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 185.252.144.33 Helsinki, Finland, ASN200740 (FIRST-SERVER-EU-AS, SC),
Reverse DNS: vm1517541.firstbyte.club
Software: Apache /
Resource Hash

Request headers

Referer: https://tax-refund-calculation.co.uk/css/main.1e1767e.min2.css
Origin: https://tax-refund-calculation.co.uk
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 06 Mar 2022 22:07:44 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 315
Content-Type: text/html; charset=iso-8859-1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tax-refund-calculation.co.uk/	1969-12-31 23:59:59	Name: PHPSESSID Value: c6b8ce8e75409ca74f1d937f39b696e7
tax-refund-calculation.co.uk/	1970-01-20 10:09:00	Name: cookies_policy Value: {"essential":true,"settings":false,"usage":false,"campaigns":false}
tax-refund-calculation.co.uk/	1970-01-20 01:23:26	Name: lux_uid Value: 164660446481816373

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tax-refund-calculation.co.uk/assets/government-frontend/application-0e6f1b796b951ca0e07ce65f537ba3045e163b208c897f53b1fd4f36993385cc.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://tax-refund-calculation.co.uk/assets/government-frontend/application-ab19aa02766903b3db060e5924411efd813c6bfd371860c3f8dcb9dbc8f75961.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://tax-refund-calculation.co.uk/assets/government-frontend/print-7e5d5687b824df6b00986ff3e8a7989532e6e7a4b0e747f70338c308b60285f7.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://tax-refund-calculation.co.uk/fonts/nobblee_light.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://tax-refund-calculation.co.uk/fonts/core/nobblee_light.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
tax-refund-calculation.co.uk
www.google-analytics.com
www.gov.uk
185.252.144.33
2606:4700::6810:125e
2a00:1450:4001:810::200e
2a04:4e42::144
06eba01b1af0f4014b484c711771fef1db30becbf0edf481498da1e4958d3d47
07c3035587fe275e5daf5db7d32638fc313a5032c1555eab99f19973d53a3e9e
190b90b1f62ad6798fca4c93adce6d0205c13b960b609af306f2d87b54885f85
2953485ff03af7b9ea4c6a6170eeae0e42d13011e7ab0d7f31552c6c68b1ea08
2be6729d764d43d01fa6a31482db9b11a7fa1212d9cd08d2ef74330edbba582a
31cb86aa3e2352bac781aae0de892f456cbc796fcf1df9375a99a661579c9efa
404cfd5992e74d48ac785545369ce0368ef54590a692afa37b1b50035b13a0e8
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
7ef14a1e070a6a2ec9ff44ccf5e923cb2a460c5861a3db8a9ae1e21557d27020
7f2548ca77dd03dfa09b5d4b083e432e6eff5f98032394a3b0ee662d2f5a65d2
8244de8a4015fa72470e8be9b4203dd6238883d2c5f6a46263521bb5da9e2d70
9112312ac02f00f2bf43b6ee6cd30a20ab9a22e19182159e0792a8547274f8d1
9c2fcb462904250f78858369ad2a644eeb16c3e0beafc9f253d3fa08b23d1314
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
be483938eb34538b970684f72e312f62652e84b42b7ad86953962d1ce2217c44
d928fa5bd4f2e53a4d747911f36c06817fba8ff26ef9125beb22cfd66bc7d4d8
e1f6e34550176df772357c41481daec62093a0adc77ddaca6671f8607dd4c345
eedfb3c2f7945caebd0b15522b59d6c7f01be17fecd6102fd76452ad4042f7b0
f1c08150ed78a0db65c0099c8784d5efa8f193e07e803a8ea823397a94dbe5b8

tax-refund-calculation.co.uk Open in urlscan Pro 185.252.144.33 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

25 Requests

100 %HTTPS

75 %IPv6

4 Domains

4 Subdomains

4 IPs

3 Countries

1051 kBTransfer

1287 kBSize

3 Cookies

3 Outgoing links

Page URL History

Redirected requests

25 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

23 JavaScript Global Variables

3 Cookies

5 Console Messages

tax-refund-calculation.co.uk Open in urlscan Pro
185.252.144.33 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

25
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

4
Subdomains

4
IPs

3
Countries

1051 kB
Transfer

1287 kB
Size

3
Cookies

25 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!