URL: https://kwincometaxservice.com/
Submission: On May 16 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 30 HTTP transactions. The main IP is 108.167.143.112, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is kwincometaxservice.com.
TLS certificate: Issued by R3 on March 16th 2021. Valid for: 3 months.
This is the only time kwincometaxservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 108.167.143.112 46606 (UNIFIEDLA...)
1 23.111.9.35 33438 (HIGHWINDS2)
4 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
30 6
Domain Requested by
17 kwincometaxservice.com kwincometaxservice.com
6 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com kwincometaxservice.com
www.gstatic.com
1 fonts.gstatic.com www.google.com
1 use.fontawesome.com kwincometaxservice.com
0 use.edgefonts.net Failed kwincometaxservice.com
30 6

This site contains no links.

Subject Issuer Validity Valid
autodiscover.kwincometaxservice.com
R3
2021-03-16 -
2021-06-14
3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-12-14
a year crt.sh
www.google.com
GTS CA 1C3
2021-04-13 -
2021-07-06
3 months crt.sh
*.google.com
GTS CA 1O1
2021-04-13 -
2021-07-06
3 months crt.sh

This page contains 3 frames:

Primary Page: https://kwincometaxservice.com/
Frame ID: DA95586239877BC62BDDBD931BC28C7E
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&co=aHR0cHM6Ly9rd2luY29tZXRheHNlcnZpY2UuY29tOjQ0Mw..&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=hvm2cmlpoehn
Frame ID: E93C853E6870DEBDA8DE86BFD747BD71
Requests: 8 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&cb=834eo36a42ae
Frame ID: 4E7BF825D5723A52042DF34C659A7AD8
Requests: 3 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i

Page Statistics

30
Requests

97 %
HTTPS

60 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

5802 kB
Transfer

6847 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
kwincometaxservice.com/
14 KB
5 KB
Document
General
Full URL
https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
261f46863a9f27b68a748d582b21b1288c22f33b5f5ccff4a13308c3bb09f63e

Request headers

:method
GET
:authority
kwincometaxservice.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:46 GMT
server
Apache
vary
Accept-Encoding
content-encoding
gzip
content-length
4591
content-type
text/html; charset=UTF-8
bootstrap-4.4.1.css
kwincometaxservice.com/css/
193 KB
39 KB
Stylesheet
General
Full URL
https://kwincometaxservice.com/css/bootstrap-4.4.1.css
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
038ecec312ff9c0374c9d8831534865fb7ed6df4c94ca822274cea0ae4cf0e1e

Request headers

:path
/css/bootstrap-4.4.1.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:46 GMT
content-encoding
gzip
last-modified
Fri, 25 Dec 2020 00:52:50 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
text/css
layout.css
kwincometaxservice.com/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://kwincometaxservice.com/css/layout.css
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
3203de3a2e6ba3639ac09de55de2c66ba192a2201d0ff6c5a00d6132c3d25aaf

Request headers

:path
/css/layout.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:46 GMT
content-encoding
gzip
last-modified
Fri, 25 Dec 2020 00:52:48 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
2185
all.css
use.fontawesome.com/releases/v5.0.13/css/
40 KB
10 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:46 GMT
content-encoding
gzip
last-modified
Thu, 10 May 2018 15:10:14 GMT
server
NetDNA-cache/2.2
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
KWITSLogo.png
kwincometaxservice.com/images/
10 KB
10 KB
Image
General
Full URL
https://kwincometaxservice.com/images/KWITSLogo.png
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
cf753d59a225a95fbd818ddcb7377256e03fb6af939784243f98f514cda16ad8

Request headers

:path
/images/KWITSLogo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:53:13 GMT
server
Apache
accept-ranges
bytes
content-length
10677
content-type
image/png
Image-STLSkyline.png
kwincometaxservice.com/images/
2 MB
2 MB
Image
General
Full URL
https://kwincometaxservice.com/images/Image-STLSkyline.png
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
2d82573c4433c3fdd968a97e923c4f4cd4ac977b86a475f55a468988ab985bb9

Request headers

:path
/images/Image-STLSkyline.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:53:08 GMT
server
Apache
accept-ranges
bytes
content-length
1726519
content-type
image/png
Image-Taxes.png
kwincometaxservice.com/images/
560 KB
561 KB
Image
General
Full URL
https://kwincometaxservice.com/images/Image-Taxes.png
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
842592eba892cada0be976c01ce002d5473462268a9401927912c9d66481c5d6

Request headers

:path
/images/Image-Taxes.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:53:12 GMT
server
Apache
accept-ranges
bytes
content-length
573865
content-type
image/png
Image-ManWomanDesk.png
kwincometaxservice.com/images/
1 MB
1 MB
Image
General
Full URL
https://kwincometaxservice.com/images/Image-ManWomanDesk.png
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
d33c95f08444fc66d49f5baf14d747f21bcdfbc75c978a4ba7cb3cdadf14c3e4

Request headers

:path
/images/Image-ManWomanDesk.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Mon, 25 Jan 2021 22:59:29 GMT
server
Apache
accept-ranges
bytes
content-length
1310154
content-type
image/png
quote.jpg
kwincometaxservice.com/images/
2 KB
2 KB
Image
General
Full URL
https://kwincometaxservice.com/images/quote.jpg
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
081ae522e2c4119df12e5126a2c25306b9710c6a43b62bb1d35bd0e83c3e0893

Request headers

:path
/images/quote.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:53:13 GMT
server
Apache
accept-ranges
bytes
content-length
1972
content-type
image/jpeg
book.jpg
kwincometaxservice.com/images/
2 KB
2 KB
Image
General
Full URL
https://kwincometaxservice.com/images/book.jpg
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
8bac73d7e2bd8be3af59ac72b688c49dfc22df78390299b2bdf1c759443bd1a8

Request headers

:path
/images/book.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:52:53 GMT
server
Apache
accept-ranges
bytes
content-length
1874
content-type
image/jpeg
bargain.jpg
kwincometaxservice.com/images/
2 KB
2 KB
Image
General
Full URL
https://kwincometaxservice.com/images/bargain.jpg
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
25fd4eef63593e719cd064789871c5bff21e61ffc4c6d660247c70e88058dc2f

Request headers

:path
/images/bargain.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:52:52 GMT
server
Apache
accept-ranges
bytes
content-length
1877
content-type
image/jpeg
Image-OfficeVisit.png
kwincometaxservice.com/images/
529 KB
529 KB
Image
General
Full URL
https://kwincometaxservice.com/images/Image-OfficeVisit.png
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
769d5493209e8b5da4fe828289e48118f56a6bc55b39603719f26cc6ac160d0f

Request headers

:path
/images/Image-OfficeVisit.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:53:06 GMT
server
Apache
accept-ranges
bytes
content-length
541619
content-type
image/png
Image-ComputerUpload.png
kwincometaxservice.com/images/
532 KB
532 KB
Image
General
Full URL
https://kwincometaxservice.com/images/Image-ComputerUpload.png
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
d0a045ae0b41859c8ac84fd36eb092976f4964193dd87cdc732321f26857e52c

Request headers

:path
/images/Image-ComputerUpload.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:52:59 GMT
server
Apache
accept-ranges
bytes
content-length
544515
content-type
image/png
Image-MailEnvelope.png
kwincometaxservice.com/images/
559 KB
559 KB
Image
General
Full URL
https://kwincometaxservice.com/images/Image-MailEnvelope.png
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
a52b1fa985f482033dc4bedda8fcc04656d8b794a398d932663a7b055109c17d

Request headers

:path
/images/Image-MailEnvelope.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:52:58 GMT
server
Apache
accept-ranges
bytes
content-length
571990
content-type
image/png
api.js
www.google.com/recaptcha/
850 B
762 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2a299b3fc8f2cb4e4fa6093c4e79fbc3e0edaf08acbb3822c2a571bba0a37431
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
554
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 08:15:46 GMT
remote-coupon.gif
kwincometaxservice.com/images/
4 KB
4 KB
Image
General
Full URL
https://kwincometaxservice.com/images/remote-coupon.gif
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
73d6d1ded206e0ba38467b43eea8eb14bd20ed2d22804bb8423091a4b821117b

Request headers

:path
/images/remote-coupon.gif
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
last-modified
Fri, 25 Dec 2020 00:53:13 GMT
server
Apache
accept-ranges
bytes
content-length
4246
content-type
image/gif
jquery-3.4.1.min.js
kwincometaxservice.com/js/
86 KB
38 KB
Script
General
Full URL
https://kwincometaxservice.com/js/jquery-3.4.1.min.js
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Request headers

:path
/js/jquery-3.4.1.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:46 GMT
content-encoding
gzip
last-modified
Fri, 25 Dec 2020 00:53:19 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
popper.min.js
kwincometaxservice.com/js/
21 KB
9 KB
Script
General
Full URL
https://kwincometaxservice.com/js/popper.min.js
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Request headers

:path
/js/popper.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
content-encoding
gzip
last-modified
Fri, 25 Dec 2020 00:53:20 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
8978
bootstrap-4.4.1.js
kwincometaxservice.com/js/
132 KB
42 KB
Script
General
Full URL
https://kwincometaxservice.com/js/bootstrap-4.4.1.js
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
108.167.143.112 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
gator4178.hostgator.com
Software
Apache /
Resource Hash
eba7fab904d092f1c5f23a6788b5898e7b5e11f990682fed01315ec3f9d3040f

Request headers

:path
/js/bootstrap-4.4.1.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
kwincometaxservice.com
referer
https://kwincometaxservice.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:47 GMT
content-encoding
gzip
last-modified
Fri, 25 Dec 2020 00:53:18 GMT
server
Apache
accept-ranges
bytes
vary
Accept-Encoding
content-type
application/javascript
source-sans-pro:n2,n4,n6:default;pt-sans:n4,n7:default.js
use.edgefonts.net/
0
0

truncated
/
156 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
157 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
recaptcha__en.js
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://kwincometaxservice.com
Referer
https://kwincometaxservice.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 22:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33925
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134136
x-xss-protection
0
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 May 2022 22:50:22 GMT
anchor
www.google.com/recaptcha/api2/ Frame E93C
39 KB
20 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&co=aHR0cHM6Ly9rd2luY29tZXRheHNlcnZpY2UuY29tOjQ0Mw..&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=hvm2cmlpoehn
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d48fa6852f68c17763182c99821aac4308aa83da16776d7dc1ba61d6c6aeaf9e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8lC8idqLxnMSRQBSf1aoQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/anchor?ar=1&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&co=aHR0cHM6Ly9rd2luY29tZXRheHNlcnZpY2UuY29tOjQ0Mw..&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=hvm2cmlpoehn
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kwincometaxservice.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kwincometaxservice.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 16 May 2021 08:15:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-8lC8idqLxnMSRQBSf1aoQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20099
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame E93C
51 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&co=aHR0cHM6Ly9rd2luY29tZXRheHNlcnZpY2UuY29tOjQ0Mw..&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=hvm2cmlpoehn
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 02:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
age
19441
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Mon, 16 May 2022 02:51:47 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame E93C
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&co=aHR0cHM6Ly9rd2luY29tZXRheHNlcnZpY2UuY29tOjQ0Mw..&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=hvm2cmlpoehn
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 22:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33926
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134136
x-xss-protection
0
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 May 2022 22:50:22 GMT
truncated
/ Frame E93C
14 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame E93C
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame E93C
2 KB
2 KB
Image
General
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 12 May 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
age
303797
content-type
image/png
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
expires
Wed, 19 May 2021 19:52:31 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E93C
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&co=aHR0cHM6Ly9rd2luY29tZXRheHNlcnZpY2UuY29tOjQ0Mw..&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=hvm2cmlpoehn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.google.com
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 11 May 2021 21:46:00 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
age
383388
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
expires
Wed, 11 May 2022 21:46:00 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame E93C
102 B
132 B
Other
General
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv
Requested by
Host: kwincometaxservice.com
URL: https://kwincometaxservice.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1fb0140eac079c8f8cc4df2380db9cf976d01b110e68e3924d5dbee0c54bc430
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&co=aHR0cHM6Ly9rd2luY29tZXRheHNlcnZpY2UuY29tOjQ0Mw..&hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&size=normal&cb=hvm2cmlpoehn
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 08:15:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Sun, 16 May 2021 08:15:48 GMT
bframe
www.google.com/recaptcha/api2/ Frame 4E7B
7 KB
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&cb=834eo36a42ae
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
74ba5eb3e450e25271fed2775fd5020df63f1ba8980c4c640cb81c74c6e11e0b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Uo9r9rwphv3LoY18aq/G/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&cb=834eo36a42ae
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://kwincometaxservice.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://kwincometaxservice.com/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 16 May 2021 08:15:48 GMT
content-security-policy
script-src 'report-sample' 'nonce-Uo9r9rwphv3LoY18aq/G/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
1109
server
GSE
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame 4E7B
51 KB
25 KB
Stylesheet
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&cb=834eo36a42ae
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 16 May 2021 02:51:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
age
19441
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25722
x-xss-protection
0
expires
Mon, 16 May 2022 02:51:47 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/ Frame 4E7B
335 KB
131 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/f-bnnOuahiYKuei7dmAd3kgv/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=f-bnnOuahiYKuei7dmAd3kgv&k=6Le6olsUAAAAAOcvP9_R0zPyiM8i1yWrcrb40z22&cb=834eo36a42ae
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 15 May 2021 22:50:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33926
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134136
x-xss-protection
0
last-modified
Tue, 11 May 2021 21:19:12 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 May 2022 22:50:22 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
use.edgefonts.net
URL
http://use.edgefonts.net/source-sans-pro:n2,n4,n6:default;pt-sans:n4,n7:default.js

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| __adobewebfontsappname__ object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| $ function| jQuery object| recaptcha function| Popper object| bootstrap object| closure_lm_321650

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
kwincometaxservice.com
use.edgefonts.net
use.fontawesome.com
www.google.com
www.gstatic.com
use.edgefonts.net
108.167.143.112
23.111.9.35
2a00:1450:4001:80e::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2003
038ecec312ff9c0374c9d8831534865fb7ed6df4c94ca822274cea0ae4cf0e1e
081ae522e2c4119df12e5126a2c25306b9710c6a43b62bb1d35bd0e83c3e0893
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0964d141519db34adc6aa127a33dbc6761cda1e56b584ea402082d99c44afb9e
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fb0140eac079c8f8cc4df2380db9cf976d01b110e68e3924d5dbee0c54bc430
25fd4eef63593e719cd064789871c5bff21e61ffc4c6d660247c70e88058dc2f
261f46863a9f27b68a748d582b21b1288c22f33b5f5ccff4a13308c3bb09f63e
2a299b3fc8f2cb4e4fa6093c4e79fbc3e0edaf08acbb3822c2a571bba0a37431
2d82573c4433c3fdd968a97e923c4f4cd4ac977b86a475f55a468988ab985bb9
3203de3a2e6ba3639ac09de55de2c66ba192a2201d0ff6c5a00d6132c3d25aaf
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
43ef4025567f7a15859b5252b6ccc1efe2ff8c7331b1aefbea7ce88eb5084d27
73d6d1ded206e0ba38467b43eea8eb14bd20ed2d22804bb8423091a4b821117b
74ba5eb3e450e25271fed2775fd5020df63f1ba8980c4c640cb81c74c6e11e0b
769d5493209e8b5da4fe828289e48118f56a6bc55b39603719f26cc6ac160d0f
842592eba892cada0be976c01ce002d5473462268a9401927912c9d66481c5d6
8bac73d7e2bd8be3af59ac72b688c49dfc22df78390299b2bdf1c759443bd1a8
8d0055e6d8cfd78504ea3bfeb93b24bafd670e051503e4f69c2bd26c72148a7a
94b328f86382cda7d83cebb40ee8dd8f567582a60ba91a90a37f490b0f0edefa
a52b1fa985f482033dc4bedda8fcc04656d8b794a398d932663a7b055109c17d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c9701ff96675266ed2a8c5c2086ca44d6a0338dc114fe66a58dbdea9f4182e71
cf753d59a225a95fbd818ddcb7377256e03fb6af939784243f98f514cda16ad8
d0a045ae0b41859c8ac84fd36eb092976f4964193dd87cdc732321f26857e52c
d33c95f08444fc66d49f5baf14d747f21bcdfbc75c978a4ba7cb3cdadf14c3e4
d48fa6852f68c17763182c99821aac4308aa83da16776d7dc1ba61d6c6aeaf9e
eba7fab904d092f1c5f23a6788b5898e7b5e11f990682fed01315ec3f9d3040f
ee8f2a6ea8c02259b3f4d068d0607f92ba9cd2a6f06d915ca317b75a39676932