www.ustaxdefense.org Open in urlscan Pro
172.81.118.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3kNO3OJ#12972clh24433148msa26897yue83648edp3239amz14814yzo
Effective URL:
https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6...
Submission: On September 27 via api (September 27th 2021, 10:55:26 pm UTC) from BE — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 172.81.118.28, located in United States and belongs to IMH-IAD, US. The main domain is www.ustaxdefense.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 19th 2021. Valid for: 3 months.

This is the only time www.ustaxdefense.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 2	103.109.36.226 103.109.36.226	135942 (ADSOTA-AS...) (ADSOTA-AS-VN Adsota Corporation)
1 1	69.197.143.251 69.197.143.251	32097 (WII) (WII)
1 1	54.72.240.173 54.72.240.173	16509 (AMAZON-02) (AMAZON-02)
8	172.81.118.28 172.81.118.28	54641 (IMH-IAD) (IMH-IAD)
1	69.16.175.42 69.16.175.42	20446 (HIGHWINDS3) (HIGHWINDS3)
14	65.9.58.86 65.9.58.86	16509 (AMAZON-02) (AMAZON-02)
1 4	44.194.208.110 44.194.208.110	14618 (AMAZON-AES) (AMAZON-AES)
2	99.86.4.53 99.86.4.53	16509 (AMAZON-02) (AMAZON-02)
29	6

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.109.36.226 (Viet Nam) 1 redirects

ASN135942 (ADSOTA-AS-VN Adsota Corporation, VN)
PTR: dc36.kdata.vn

103.109.36.226	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.197.143.251 (United States) 1 redirects

ASN32097 (WII, US)

www.antongsand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.240.173 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-240-173.eu-west-1.compute.amazonaws.com

go.nerdingout11.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.81.118.28 (United States)

ASN54641 (IMH-IAD, US)
PTR: ded5652.inmotionhosting.com

www.ustaxdefense.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 65.9.58.86 (United States)

ASN16509 (AMAZON-02, US)

dhozj507pfmqc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.194.208.110 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-194-208-110.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloudfront.net dhozj507pfmqc.cloudfront.net	543 KB
8	ustaxdefense.org www.ustaxdefense.org	380 KB
6	trustedform.com 1 redirects api.trustedform.com cdn.trustedform.com	36 KB
1	jquery.com code.jquery.com	33 KB
1	nerdingout11.com 1 redirects go.nerdingout11.com	2 KB
1	antongsand.com 1 redirects www.antongsand.com	372 B
1	bit.ly 1 redirects bit.ly	255 B
29	7

	Domain	Requested by
14	dhozj507pfmqc.cloudfront.net	www.ustaxdefense.org cdn.trustedform.com
8	www.ustaxdefense.org	103.109.36.226 www.ustaxdefense.org
4	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
2	cdn.trustedform.com	www.ustaxdefense.org api.trustedform.com
1	code.jquery.com	www.ustaxdefense.org
1	go.nerdingout11.com	1 redirects
1	www.antongsand.com	1 redirects
1	bit.ly	1 redirects
29	8

This site contains no links.

Subject Issuer	Validity	Valid
ustaxdefense.org cPanel, Inc. Certification Authority	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
cdn.trustedform.com Amazon	`2021-05-14` - `2022-06-12`	a year	crt.sh
*.trustedform.com Amazon	`2020-11-11` - `2021-12-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a
Frame ID: F747F32BD4243966B0E75BC128E80792
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US TAX DEFENSE

Page URL History Show full URLs

https://bit.ly/3kNO3OJ HTTP 301
http://103.109.36.226/shorten.php Page URL
http://103.109.36.226/12972clh24433148msa26897yue83648edp3239amz14814yzo HTTP 302
https://www.antongsand.com/vjMcsZmGJP5-a_NvmuO3DEKu5weIZUOB85yeoY6XRP9gyEFqRHPq9OzYpHyzX1silr6LKHWIDMTI... HTTP 302
http://go.nerdingout11.com/aff_c?offer_id=662&aff_id=1933&aff_sub=822468&aff_sub2=660115517 HTTP 302
https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transact... Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

29
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

992 kB
Transfer

1106 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3kNO3OJ HTTP 301
http://103.109.36.226/shorten.php Page URL
http://103.109.36.226/12972clh24433148msa26897yue83648edp3239amz14814yzo HTTP 302
https://www.antongsand.com/vjMcsZmGJP5-a_NvmuO3DEKu5weIZUOB85yeoY6XRP9gyEFqRHPq9OzYpHyzX1silr6LKHWIDMTI4FYmIt1fwA~~/1120/12972/24433148 HTTP 302
http://go.nerdingout11.com/aff_c?offer_id=662&aff_id=1933&aff_sub=822468&aff_sub2=660115517 HTTP 302
https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://bit.ly/3kNO3OJ HTTP 301
http://103.109.36.226/shorten.php

Request Chain 17

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123

29 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	shorten.php 103.109.36.226/ Redirect Chain https://bit.ly/3kNO3OJ http://103.109.36.226/shorten.php	237 B 498 B	556ms 278ms	Document text/html	103.109.36.226 ADSOTA-AS-VN Adso...
General Check archive.org Show headers Download Go to Full URL http://103.109.36.226/shorten.php Protocol HTTP/1.1 Server 103.109.36.226 , Viet Nam, ASN135942 (ADSOTA-AS-VN Adsota Corporation, VN), Reverse DNS dc36.kdata.vn Software Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 / PHP/5.4.16 Resource Hash Request headers Host 103.109.36.226 Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers Date Mon, 27 Sep 2021 22:55:21 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16 Content-Length 237 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8 Redirect headers server nginx date Mon, 27 Sep 2021 22:55:20 GMT content-type text/html; charset=utf-8 content-length 120 cache-control private, max-age=90 content-security-policy referrer always; location http://103.109.36.226/shorten.php referrer-policy unsafe-url set-cookie _bit=l8rmTk-b2f253331523804c92-00t; Domain=bit.ly; Expires=Sat, 26 Mar 2022 22:55:20 GMT via 1.1 google alt-svc clear
GET H/1.1	200 OK	Primary Request index.php Show response www.ustaxdefense.org/ Redirect Chain http://103.109.36.226/12972clh24433148msa26897yue83648edp3239amz14814yzo https://www.antongsand.com/vjMcsZmGJP5-a_NvmuO3DEKu5weIZUOB85yeoY6XRP9gyEFqRHPq9OzYpHyzX1silr6LKHWIDMTI4FYmIt1fwA~~/1120/12972/24433148 http://go.nerdingout11.com/aff_c?offer_id=662&aff_id=1933&aff_sub=822468&aff_sub2=660115517 https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a	9 KB 9 KB	694ms 96ms	Document text/html	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Requested by Host: 103.109.36.226 URL: http://103.109.36.226/shorten.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `2a00b72a8e9f429d50921f6bdc64e407d5eaac580d48d473264bc7c63f911e1e` Request headers Host www.ustaxdefense.org Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest document Referer http://103.109.36.226/ Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer http://103.109.36.226/shorten.php#12972clh24433148msa26897yue83648edp3239amz14814yzo Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Server nginx Date Mon, 27 Sep 2021 22:55:23 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 346 Connection keep-alive Cache-Control no-cache, no-store, must-revalidate Expires Sat, 26 Jul 1997 05:00:00 GMT Location https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a P3p CP="NOI CUR OUR NOR INT" Pragma no-cache Set-Cookie enc_aff_session_662=ENC03567ccd31da27550ae2010643b489449d6ffeebfd61d865cddb468c98142bcdad8ad306ae48ade7264e2bb45dc3430f89a02c8d481f9247d03dc9755238f72b21ca33ef14d0bf4c64158b56dd3c89a05c8e94108150a00299a2ad95e63d1a393cf0d4ef518c5e3ca1dd990308c654112a1098855c155506c146644305425b658741e38a629592a7e123cd6e7a6cfd563d0600bb1e66d257c7c7673e7a68e085e50f28c2b8; expires=Wed, 27 Oct 2021 22:55:23 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5My4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9; expires=Thu, 22 Aug 2024 09:35:23 GMT; path=/; SameSite=None; Secure Tracking_id 1026bf5f397d6cb4f7b3ad4a870a8a X-Robots-Tag noindex, nofollow Access-Control-Allow-Origin * X-Request-Id 13e033cadc527d8fc2c1c861761b5697 Access-Control-Allow-Headers Tune-SDK-Version
GET H/1.1	200 OK	style.css www.ustaxdefense.org/css/	8 KB 8 KB	94ms 94ms	Stylesheet text/css	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/css/style.css Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `3d4219ba46c268a82d95117635a50aca746eec89f71d967955ce3ad640d03e05` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Last-Modified Wed, 27 Jun 2018 01:43:31 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8202
GET H/1.1	200 OK	responsive.css www.ustaxdefense.org/css/	6 KB 7 KB	93ms 93ms	Stylesheet text/css	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/css/responsive.css Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `3f60cdedb71d6480a9425a3de601c7a0b61933913e24104f874f8c931a1e384e` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept text/css,/;q=0.1 Cache-Control no-cache Sec-Fetch-Dest style Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Last-Modified Wed, 27 Jun 2018 01:43:37 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6548
GET H/1.1	200 OK	button.js Show response www.ustaxdefense.org/js/	1 KB 1 KB	186ms 92ms	Script application/javascript	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/js/button.js Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `ec14c2b971443ca7322f04a1b65dc70974ad71f470d4726cea33d482a86215a2` Request headers Pragma no-cache Sec-Fetch-Site same-origin Accept-Encoding gzip, deflate, br Host www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode no-cors Accept / Cache-Control no-cache Sec-Fetch-Dest script Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Connection keep-alive Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Last-Modified Sat, 05 Aug 2017 22:06:37 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1087
GET H2	200	jquery-latest.min.js Show response code.jquery.com/	94 KB 33 KB	52ms 16ms	Script application/javascript	69.16.175.42 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-latest.min.js Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.42 , United States, ASN20446 (HIGHWINDS3, US), Reverse DNS tlb.hwcdn.net Software nginx / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 22:55:24 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag "54499a48-1762a" vary Accept-Encoding x-hw 1632783324.dop237.am5.t,1632783324.cds110.am5.hn,1632783324.cds146.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33202
GET H2	200	us-tax-defense-logo.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	33 KB 33 KB	59ms 14ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/us-tax-defense-logo.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e7ef5da3c7f69950571db2adc0d8ced92038a5901e0097dd789b54d9de1adfcc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 17:12:18 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:07 GMT server Apache age 20586 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 33750 x-amz-cf-id 9dhRRsqOE5tpx77QA7kRE5XYGBLzDD1SW3tBfE_l3WbpF7UNlmmuYw==
GET H2	200	top-right-logos.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	17ms 16ms	Image image/png	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/top-right-logos.png Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `ad014ff719a6356c0f09bada37ae5d43c836c939938275e943bd27ffcb363d6e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Wed, 24 Jul 2019 15:38:26 GMT server Apache age 13941 x-edge-origin-shield-skipped 0 content-type image/png x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 12249 x-amz-cf-id BCk3AM7oPyc05Z4eVjeAlmHuOOlURzn7-62KZyHZ44ULGy-2syVuEw==
GET H2	200	seen-on-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	11ms 10ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/seen-on-bg.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `64bc06c9dc8775903f678cf5602492761161ee981315c188a53200ced5f1442b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:06 GMT server Apache age 13941 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 12252 x-amz-cf-id ocon-O7jGm9KgFp_euw4CbempFuJxTXWKLbcujyBy5elY2_KNMhiCA==
GET H2	200	welcome-left-bg.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	157 KB 158 KB	11ms 11ms	Image image/png	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-left-bg.png Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `de30344e9a5cff6eeb3a4a95fc67158b3b0cf28ede574c109bbec94b564472bf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache age 13941 x-edge-origin-shield-skipped 0 content-type image/png x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 161081 x-amz-cf-id RhLU2u4FgwRgVd9rMQ0VPSp2kr7fXTEuu5mG7KX_hfww72p1oXO4bg==
GET H2	200	evaluation-normal-button.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	8 KB 8 KB	20ms 20ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/evaluation-normal-button.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `0b730aa72b4d84271ea7be37cd849e6e54f6fe7eacf5e2c5a993f5e8b65a3ce0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:03 GMT server Apache age 13941 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 8051 x-amz-cf-id H8pvKFxod5B5V3PTu4-chG5yAAwTDWzwUwv3yl7VxTmiOA-1uIXo0g==
GET H2	200	welcome-inside-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	2 KB 2 KB	22ms 20ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-inside-bg.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e04902cb8d591b22813f665be2bc146ece30400643efea6f12efc056edad981a` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 14:11:45 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache age 31418 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 1818 x-amz-cf-id m0qzEcRA2wouRyryrFqRGyUq2GlzIiLvlnuXvxTblDeP5Jv_iqalvQ==
GET H2	200	welcome-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	82 KB 83 KB	12ms 11ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-bg.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `a7c84e0797c80785d8123860ed09e1f09efe26488e255475d9ef37f897f0ce43` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache age 13941 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 84378 x-amz-cf-id wsC2ayc1Zd4xHh0ggcHyUvsrQkFs-hFRoZ_LmnOvcCLWe8fOyeCn3A==
GET H2	200	right-arrow.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	2 KB 2 KB	11ms 10ms	Image image/png	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/right-arrow.png Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `c66a78f08a25909a6be6a4b762217eb7a176dd7f5ae7bb20c5807510411b591d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:04 GMT server Apache age 13941 x-edge-origin-shield-skipped 0 content-type image/png x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 2232 x-amz-cf-id AAyrcvlLNCzlM4-jj9qjVhLFpmEMKpbKxD-tz5sqiN2WpO6AzhEAXQ==
GET H/1.1	200 OK	Lato-Black.ttf www.ustaxdefense.org/	87 KB 88 KB	95ms 93ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Black.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `54db141f62decc2eff9a8fbd6f4abbc168930c87248c5dd15927e2b807b59602` Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://www.ustaxdefense.org Accept-Encoding gzip, deflate, br Host www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://www.ustaxdefense.org/css/style.css Connection keep-alive Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Last-Modified Sat, 05 Aug 2017 22:06:35 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 89448
GET H/1.1	200 OK	Lato-Italic.ttf www.ustaxdefense.org/	82 KB 82 KB	94ms 92ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Italic.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `216f31d03ced35bd38c606cda5aa23c7fd78688679aec98d19a24cbf7c8912ed` Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://www.ustaxdefense.org Accept-Encoding gzip, deflate, br Host www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://www.ustaxdefense.org/css/style.css Connection keep-alive Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Last-Modified Sat, 05 Aug 2017 22:06:34 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 83680
GET H/1.1	200 OK	Lato-Bold.ttf www.ustaxdefense.org/	91 KB 91 KB	94ms 93ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Bold.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `ca182edc7135b49762bccd4e05d417abc9168b2ede7433e6f5ab412fa3d4cc8a` Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://www.ustaxdefense.org Accept-Encoding gzip, deflate, br Host www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://www.ustaxdefense.org/css/style.css Connection keep-alive Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Last-Modified Sat, 05 Aug 2017 22:06:34 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 93224
GET H/1.1	200 OK	Lato-Regular.ttf www.ustaxdefense.org/	94 KB 94 KB	276ms 94ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Regular.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 , United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `d5d1706afe013adca66defa792ca52bf29be3877c25a8354d20004a2c873c5bf` Request headers Pragma no-cache Sec-Fetch-Site same-origin Origin https://www.ustaxdefense.org Accept-Encoding gzip, deflate, br Host www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Sec-Fetch-Mode cors Accept / Cache-Control no-cache Sec-Fetch-Dest font Referer https://www.ustaxdefense.org/css/style.css Connection keep-alive Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers Date Mon, 27 Sep 2021 22:55:24 GMT Last-Modified Sat, 05 Aug 2017 22:06:34 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 96044
GET H2	200	bootstrap.js Show response cdn.trustedform.com/ Redirect Chain https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123 https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123	14 KB 6 KB	271ms 219ms	Script application/javascript	99.86.4.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123 Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1933&sub1=822468&sub2=660115517&sub3=&transaction_id=1026bf5f397d6cb4f7b3ad4a870a8a Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-53.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 22:55:25 GMT content-encoding gzip last-modified Wed, 01 Sep 2021 19:54:35 GMT server AmazonS3 x-edge-origin-shield-skipped 0 etag W/"676b14012df40978e4f1e696cb3be8f4" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 x-amz-version-id TWI9lv7C1jqnWDzOe6KyGpneY2VFzHrx x-amz-cf-id XGlG04EMxhp6m9J85LNdJun4ECW8kD7qKTXUWyXvCR9EN6i7rdRa8Q== Redirect headers location https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123 date Mon, 27 Sep 2021 22:55:24 GMT server awselb/2.0 content-length 134 content-type text/html
GET H2	200	evaluation-hover-button.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	8 KB 8 KB	11ms 10ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/evaluation-hover-button.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e5fede04dcf930dd6b36df204b17b3e52738af0636544c17dc0461634c267608` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:05 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:03 GMT server Apache age 13940 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 7999 x-amz-cf-id ns4uaZWIYYJSU7pc_-FfUCtsynlRmncfpF5aZZbaestDTsZPgkoIqQ==
POST H2	201	certs Show response api.trustedform.com/	475 B 686 B	279ms 93ms	XHR application/json	44.194.208.110 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs Requested by Host: api.trustedform.com URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.194.208.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-194-208-110.compute-1.amazonaws.com Software Cowboy / Resource Hash `c12fb1ffb25512f21f3968513de41011ff6c7f71d86bd39bbead4f8884b89baa` Request headers Referer https://www.ustaxdefense.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers date Mon, 27 Sep 2021 22:55:25 GMT server Cowboy content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 475
GET H2	200	trustedform-1.5.8.js Show response cdn.trustedform.com/	82 KB 29 KB	9ms 8ms	Script application/javascript	99.86.4.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/trustedform-1.5.8.js Requested by Host: api.trustedform.com URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16327833244400.33312318715596123 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.4.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-4-53.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash `2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers x-amz-version-id srRHaEKZoYw77hmUBlWTeIw_odvirpEk content-encoding gzip last-modified Wed, 01 Sep 2021 19:52:13 GMT server AmazonS3 age 21 etag W/"0ea185cf3ab4939007594db03e431e63" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront) date Mon, 27 Sep 2021 22:55:24 GMT x-amz-cf-pop FRA6-C1 x-amz-cf-id TtXGK75OR_knCGB4QYcNZbbe9sx7YLFtspMw962TxeORbRxOFhnIKA==
POST H2	204	snapshot Show response api.trustedform.com/certs/456719d72deea23fc5d900988d2107dd4ae31ac7/	0 159 B	95ms 94ms	XHR text/plain	44.194.208.110 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/456719d72deea23fc5d900988d2107dd4ae31ac7/snapshot Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.194.208.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-194-208-110.compute-1.amazonaws.com Software Cowboy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ustaxdefense.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Mon, 27 Sep 2021 22:55:25 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server Cowboy access-control-expose-headers
GET H2	200	us-tax-defense-logo.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	33 KB 33 KB	10ms 9ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/us-tax-defense-logo.jpg Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e7ef5da3c7f69950571db2adc0d8ced92038a5901e0097dd789b54d9de1adfcc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 17:12:18 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:07 GMT server Apache age 20587 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 33750 x-amz-cf-id 1CX304-aHu4VueJlvgsVN7YPeDzh4PG3N78e0cRbon4aNLbMEfTGbQ==
GET H2	200	top-right-logos.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	11ms 10ms	Image image/png	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/top-right-logos.png Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `ad014ff719a6356c0f09bada37ae5d43c836c939938275e943bd27ffcb363d6e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Wed, 24 Jul 2019 15:38:26 GMT server Apache age 13942 x-edge-origin-shield-skipped 0 content-type image/png x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 12249 x-amz-cf-id 2k-Fu-nDEZKnEHSDPfHloaqFxAwZSDUeooBnPL1My7AKQeQJ-_qxxA==
GET H2	200	seen-on-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	10ms 10ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/seen-on-bg.jpg Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `64bc06c9dc8775903f678cf5602492761161ee981315c188a53200ced5f1442b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:06 GMT server Apache age 13942 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 12252 x-amz-cf-id 7tutMWMw6Lnet6jaHSi4TX94zDQ8TxPLMSaXzX9JSTSRG05RL6UEbg==
GET H2	200	welcome-left-bg.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	157 KB 158 KB	11ms 10ms	Image image/png	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-left-bg.png Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `de30344e9a5cff6eeb3a4a95fc67158b3b0cf28ede574c109bbec94b564472bf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache age 13942 x-edge-origin-shield-skipped 0 content-type image/png x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 161081 x-amz-cf-id M-qdX3ADM3uZ-GifW2plgZW255VjAh5sB8FFM6_g7DxoV4A1uVf3CQ==
GET H2	200	evaluation-normal-button.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	8 KB 8 KB	10ms 10ms	Image image/jpeg	65.9.58.86 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/evaluation-normal-button.jpg Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 65.9.58.86 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `0b730aa72b4d84271ea7be37cd849e6e54f6fe7eacf5e2c5a993f5e8b65a3ce0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Mon, 27 Sep 2021 19:03:03 GMT via 1.1 fdd677a35b242f0199586a71e2f6859f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:03 GMT server Apache age 13942 x-edge-origin-shield-skipped 0 content-type image/jpeg x-cache Hit from cloudfront x-amz-cf-pop FRA56-C1 accept-ranges bytes content-length 8051 x-amz-cf-id JPEhiRs1C6X4RQJ4gMHzTW4C8jaJEQrcAvDHSV5DgBQAwZqJpyQoGw==
POST H2	204	fingerprints Show response api.trustedform.com/certs/456719d72deea23fc5d900988d2107dd4ae31ac7/	0 159 B	94ms 93ms	XHR text/plain	44.194.208.110 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/456719d72deea23fc5d900988d2107dd4ae31ac7/fingerprints Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.194.208.110 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-194-208-110.compute-1.amazonaws.com Software Cowboy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ustaxdefense.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Mon, 27 Sep 2021 22:55:25 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server Cowboy access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bit.ly/	1970-01-20 01:52:15	Name: _bit Value: l8rmTk-b2f253331523804c92-00t
			.antongsand.com/	1969-12-31 23:59:59	Name: uid10452 Value: 660115517-20210927185523-b8809ddaf2f2a7291c2eb3f9b98d94bf-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
bit.ly
cdn.trustedform.com
code.jquery.com
dhozj507pfmqc.cloudfront.net
go.nerdingout11.com
www.antongsand.com
www.ustaxdefense.org
103.109.36.226
172.81.118.28
44.194.208.110
54.72.240.173
65.9.58.86
67.199.248.10
69.16.175.42
69.197.143.251
99.86.4.53
0b730aa72b4d84271ea7be37cd849e6e54f6fe7eacf5e2c5a993f5e8b65a3ce0
216f31d03ced35bd38c606cda5aa23c7fd78688679aec98d19a24cbf7c8912ed
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148
2a00b72a8e9f429d50921f6bdc64e407d5eaac580d48d473264bc7c63f911e1e
3d4219ba46c268a82d95117635a50aca746eec89f71d967955ce3ad640d03e05
3f60cdedb71d6480a9425a3de601c7a0b61933913e24104f874f8c931a1e384e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54db141f62decc2eff9a8fbd6f4abbc168930c87248c5dd15927e2b807b59602
64bc06c9dc8775903f678cf5602492761161ee981315c188a53200ced5f1442b
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380
a7c84e0797c80785d8123860ed09e1f09efe26488e255475d9ef37f897f0ce43
ad014ff719a6356c0f09bada37ae5d43c836c939938275e943bd27ffcb363d6e
c12fb1ffb25512f21f3968513de41011ff6c7f71d86bd39bbead4f8884b89baa
c66a78f08a25909a6be6a4b762217eb7a176dd7f5ae7bb20c5807510411b591d
ca182edc7135b49762bccd4e05d417abc9168b2ede7433e6f5ab412fa3d4cc8a
d5d1706afe013adca66defa792ca52bf29be3877c25a8354d20004a2c873c5bf
de30344e9a5cff6eeb3a4a95fc67158b3b0cf28ede574c109bbec94b564472bf
e04902cb8d591b22813f665be2bc146ece30400643efea6f12efc056edad981a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fede04dcf930dd6b36df204b17b3e52738af0636544c17dc0461634c267608
e7ef5da3c7f69950571db2adc0d8ced92038a5901e0097dd789b54d9de1adfcc
ec14c2b971443ca7322f04a1b65dc70974ad71f470d4726cea33d482a86215a2

www.ustaxdefense.org Open in urlscan Pro 172.81.118.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

97 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

6 IPs

3 Countries

992 kBTransfer

1106 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ustaxdefense.org Open in urlscan Pro
172.81.118.28 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

6
IPs

3
Countries

992 kB
Transfer

1106 kB
Size

2
Cookies

29 HTTP transactions
0 data transactions