www.kaveririvers.com
66.96.147.118  Malicious Activity! Public Scan

Submitted URL: http://car.aghayev.com/wp-admin/includes/zucuby.php
Effective URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Submission: On March 26 via manual from IE

Summary

This website contacted 7 IPs in 5 countries across 5 domains to perform 19 HTTP transactions. The main IP is 66.96.147.118, located in Burlington, United States and belongs to BIZLAND-SD - The Endurance International Group, Inc., US. The main domain is www.kaveririvers.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 30th 2019. Valid for: 3 months.
This is the only time www.kaveririvers.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: UK Government (Government)

Domain & IP information

IP Address AS Autonomous System
1 94.23.50.119 16276 (OVH)
1 66.96.147.118 29873 (BIZLAND-SD)
13 104.111.230.165 16625 (AKAMAI-AS)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
2 34.232.10.201 14618 (AMAZON-AES)
19 7
Domain Requested by
13 www.tax.service.gov.uk www.kaveririvers.com
2 errors.client.optimizely.com cdn.optimizely.com
1 www.google-analytics.com www.kaveririvers.com
1 cdn.optimizely.com www.kaveririvers.com
1 www.kaveririvers.com
1 car.aghayev.com
19 6

This site contains links to these domains.

Domain
www.gov.uk
www.nationalarchives.gov.uk

Subject | Issuer | Validity | Valid
*.kaveririvers.com | Let's Encrypt Authority X3 | 2019-01-30 - 2019-04-30 | 3 months
online.hmrc.gov.uk | DigiCert SHA2 Extended Validation Server CA | 2019-03-11 - 2021-04-16 | 2 years
cdn.optimizely.com | DigiCert ECC Secure Server CA | 2018-11-24 - 2020-02-23 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
errors.client.optimizely.com | DigiCert SHA2 High Assurance Server CA | 2018-09-24 - 2020-09-28 | 2 years

This page contains 1 frames:

Primary Page: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Frame ID: 57B21B23E07CB975F71852448BFFDC92
Requests: 21 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /Debian/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • script /optimizely\.com.*\.js/i
  • env /^optimizely$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

19
Requests

95 %
HTTPS

33 %
IPv6

5
Domains

6
Subdomains

7
IPs

5
Countries

482 kB
Transfer

1394 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://car.aghayev.com/wp-admin/includes/zucuby.php Page URL
  2. https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
zucuby.php
car.aghayev.com/wp-admin/includes/
146 B
427 B
Document
General
Full URL
http://car.aghayev.com/wp-admin/includes/zucuby.php
Protocol
HTTP/1.1
Server
94.23.50.119 , France, ASN16276 (OVH, FR),
Reverse DNS
ks3329740.kimsufi.com
Software
Apache/2.2.22 (Debian) / PHP/5.5.30-1~dotdeb+7.1
Resource Hash
ef6e63063faa11b7bc8abe39eb71b726350be188cab5658cd7856ac05b9f75da

Request headers

Host
car.aghayev.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 26 Mar 2019 14:47:06 GMT
Server
Apache/2.2.22 (Debian)
X-Powered-By
PHP/5.5.30-1~dotdeb+7.1
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
151
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html
Primary Request index.htm
www.kaveririvers.com/wp-includes/Requests/taxreturn/
14 KB
15 KB
Document
General
Full URL
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.96.147.118 Burlington, United States, ASN29873 (BIZLAND-SD - The Endurance International Group, Inc., US),
Reverse DNS
118.147.96.66.static.eigbox.net
Software
Apache/2 /
Resource Hash
1b0a8c3f48fba3c40a2f7580661467b7869ad168db46d0f055b91bdbaccba552

Request headers

Host
www.kaveririvers.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://car.aghayev.com/wp-admin/includes/zucuby.php
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 26 Mar 2019 14:53:17 GMT
Content-Type
text/html
Content-Length
14761
Connection
keep-alive
Keep-Alive
timeout=30
Server
Apache/2
Last-Modified
Mon, 18 Mar 2019 13:42:58 GMT
ETag
"39a9-5845e90ff5c80"
Accept-Ranges
bytes
Cache-Control
max-age=3600
Expires
Tue, 26 Mar 2019 15:53:17 GMT
govuk-template.css
www.tax.service.gov.uk/template/assets/stylesheets/
20 KB
5 KB
Stylesheet
General
Full URL
https://www.tax.service.gov.uk/template/assets/stylesheets/govuk-template.css
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b56c2a21817362aeb9546f6a99f114c1df75afcce86762413b285a94c128e6dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
2BB4D4197AA5D503
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
4366
x-amz-id-2
gbvJXZ+nQdsxhrHHVSaAPJB2fhxyhSaS/ug8OE6sg4CHea/nEISl6LSjHPRuFMM0wAR5LEhObjc=
Last-Modified
Tue, 30 Oct 2018 10:51:20 GMT
Date
Tue, 26 Mar 2019 14:53:18 GMT
X-Frame-Options
DENY
Content-Type
text/css
X-XSS-Protection
1; mode=block
Cache-Control
max-age=1877
ETag
"8b1874e022c4792c580fa0e7f9105c3c"
X-Robots-Tag
noindex, nofollow
Expires
Tue, 26 Mar 2019 15:24:35 GMT
fonts.css
www.tax.service.gov.uk/template/assets/stylesheets/
267 KB
196 KB
Stylesheet
General
Full URL
https://www.tax.service.gov.uk/template/assets/stylesheets/fonts.css
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6813a04aa7ebe09726eda5fdd9c4abf1c5f151335adf0ad90474a5fe316e87ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
EA823456876B4886
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
200197
x-amz-id-2
ZeCRohstDr+ZL2vIl4tcRKD2EG7tuaeY9rQoZMdQMKFb3xmWO7qf9jKwK0kpj/rdX8J4vCJpkHM=
Last-Modified
Tue, 30 Oct 2018 10:51:20 GMT
Date
Tue, 26 Mar 2019 14:53:18 GMT
X-Frame-Options
DENY
Content-Type
text/css
X-XSS-Protection
1; mode=block
Cache-Control
max-age=2293
ETag
"acaaac228246dd0eb9d5c1d9046094f7"
X-Robots-Tag
noindex, nofollow
Expires
Tue, 26 Mar 2019 15:31:31 GMT
govuk-template-print.css
www.tax.service.gov.uk/template/assets/stylesheets/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.tax.service.gov.uk/template/assets/stylesheets/govuk-template-print.css
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5bb990686d6668df3f9d5208b10fa83d2f5d55820b442be13542a3dfbd3e361a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
x-amz-request-id
26AA5C30E6A2766C
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
675
x-amz-id-2
bfbzL0/ci20wTDl1WddhcNev1rcgdDKTXm6B5mYG79hwZtw/0pAmkEDcXYtY/xa18wuF/x6aub8=
Last-Modified
Tue, 30 Oct 2018 10:51:20 GMT
Date
Tue, 26 Mar 2019 14:53:18 GMT
X-Frame-Options
DENY
Content-Type
text/css
X-XSS-Protection
1; mode=block
Cache-Control
max-age=1741
ETag
"6652f6207c256a26f0987cfd09c6be57"
X-Robots-Tag
noindex, nofollow
Expires
Tue, 26 Mar 2019 15:22:19 GMT
application.min.css
www.tax.service.gov.uk/assets/3.2.2/stylesheets/
295 KB
50 KB
Stylesheet
General
Full URL
https://www.tax.service.gov.uk/assets/3.2.2/stylesheets/application.min.css
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9444d24fe8d33beaad6f107500230eca394eb2fcf3538cf423ecdcfca86fdd97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Feb 2018 17:26:48 GMT
x-amz-request-id
A6126FBAE72ABE14
ETag
"86486ebb970bc7485307bf786b2c7064"
X-Frame-Options
SAMEORIGIN
Content-Type
text/css
Cache-Control
public, max-age=19546687
Date
Tue, 26 Mar 2019 14:53:18 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Content-Length
50217
x-amz-id-2
m/xl5E4NTWQ8Mm2kIeFC3LE81bMXDyBNGCAtjOFAnnjt2zTkKKVnSmA8MhzUCLvQQD0uri2wvrg=
11766650496.js
cdn.optimizely.com/js/
258 KB
80 KB
Script
General
Full URL
https://cdn.optimizely.com/js/11766650496.js
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:181::13b8 , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
810bfafd7fe085671e5804996adfdf58dd1e9c80bc5065fc2357bda13f2969c6
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-meta-pci_enabled
False
x-amz-version-id
3Dd0oFKc..ltIEvfFYWgEUqLHpy0yzfD
content-encoding
gzip
x-amz-request-id
57CCF5E01855E443
status
200
access-control-max-age
86400
date
Tue, 26 Mar 2019 14:53:18 GMT
x-amz-replication-status
COMPLETED
server-timing
cdn;desc="AkamaiION";dur=0,rtt;desc="5";dur=0,cdnip;desc="2a02:26f0:6c00:181::13b8";dur=0,cdnmap;desc="";dur=0,proto;desc="h2";dur=0
strict-transport-security
max-age=15768000
content-length
80571
x-amz-id-2
9jNSkZ6cTpApoHUU9pntSZjBB/C8OQDAYRn77Fy8zoD0aHupNlkRWvufC6fuC+ofF0R9G2GF0tg=
last-modified
Wed, 20 Feb 2019 10:33:15 GMT
server
AmazonS3
etag
"43a65bb34ae083718d0fbf9ffc825ef6"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
x-amz-meta-revision
cache-control
max-age=120
x-amz-meta-revision
204
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
*
modernizr.js
www.tax.service.gov.uk/assets/3.2.2/javascripts/vendor/
9 KB
4 KB
Script
General
Full URL
https://www.tax.service.gov.uk/assets/3.2.2/javascripts/vendor/modernizr.js
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b8198664c7122b1f0665685587937e28e9f137fd05e05448a13fd8f0d40b10bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Feb 2018 17:26:48 GMT
x-amz-request-id
9A1476A83B1C54A6
ETag
"3e2888947e249739685ea752f2855601"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=19546711
Date
Tue, 26 Mar 2019 14:53:18 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Content-Length
3868
x-amz-id-2
9xejKo+fkGm1P7gBPjyZYROqcoxAbW83bxoOkzVfMKgaiLRa8Jy9qjl7QI1UqokKK4DgONxBxsM=
styles.css
www.tax.service.gov.uk/pay/assets/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://www.tax.service.gov.uk/pay/assets/css/styles.css
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6911a6f4c9747d594da555245dcf405f352da234f60271d6415b7af9c683f9b7
Security Headers
Name Value
Content-Security-Policy ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
467
X-XSS-Protection
1; mode=block
Last-Modified
Mon, 25 Mar 2019 15:30:12 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Mar 2019 14:53:18 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000;
Content-Type
text/css; charset=utf-8
Cache-Control
public, max-age=2859
ETag
"386b1a0f0a6d9308f233ba8565f2f7dc49bc4826"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
button.js
www.tax.service.gov.uk/pay/assets/js/
1 KB
1 KB
Script
General
Full URL
https://www.tax.service.gov.uk/pay/assets/js/button.js
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
8861a596b7b7f779d239419e1d7529313bfdcd7a52d30de10f8d288fa5f3ad03
Security Headers
Name Value
Content-Security-Policy ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
605
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 12 Mar 2019 14:27:52 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Mar 2019 14:53:18 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=318
ETag
"fd4f5ec99ade139c6f1903fdd6f42b0374732086"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
gov.uk_logotype_crown.png
www.tax.service.gov.uk/template/assets/images/
780 B
1 KB
Image
General
Full URL
https://www.tax.service.gov.uk/template/assets/images/gov.uk_logotype_crown.png
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
14b98db97bbd6cb1f33935d3e0d973fa68ca0c38fb5762b033423ceffe9e16f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Oct 2018 10:51:20 GMT
x-amz-request-id
048564086EA6F1E4
ETag
"7a0ea44ffc50dac67b82f0f70639d2ff"
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=627
Date
Tue, 26 Mar 2019 14:53:18 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
780
x-amz-id-2
ZELC3XxEtEd5iDFbyYGGcEMWW6T5OtAooSTzdWkl+xG5vyGIgXnoop2wk6EljCX0ytVzpEfni6o=
Expires
Tue, 26 Mar 2019 15:03:45 GMT
open-government-licence_2x.png
www.tax.service.gov.uk/template/assets/images/
504 B
1 KB
Image
General
Full URL
https://www.tax.service.gov.uk/template/assets/images/open-government-licence_2x.png
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dcbca9026a39b5e4cc536b2f842bd173148b018c7ce369a5930558f4de0e23b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Oct 2018 10:51:20 GMT
x-amz-request-id
774AB1F053F09B82
ETag
"77b25839a24ed3ac7fab794efd278532"
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3515
Date
Tue, 26 Mar 2019 14:53:18 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
504
x-amz-id-2
6Q1wThVg1u27yv2N6qnx/U3ActlNPzMqyIQKxCTN5xZwL8gxtGFXVKzAyrRvvDaTSw0sblQ9mSc=
Expires
Tue, 26 Mar 2019 15:51:53 GMT
application.min.js
www.tax.service.gov.uk/assets/3.2.2/javascripts/
312 KB
102 KB
Script
General
Full URL
https://www.tax.service.gov.uk/assets/3.2.2/javascripts/application.min.js
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7c7286c342fd3aae10f99fca75c4d4ef86ec483ac15a8f3b75fa81acba9743a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Fri, 16 Feb 2018 17:26:48 GMT
x-amz-request-id
45ACE8B2C14C850D
ETag
"13330a2e43445d482f327c60323bb916"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=19546629
Date
Tue, 26 Mar 2019 14:53:18 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Vary
Accept-Encoding
Content-Length
103510
x-amz-id-2
PS94zwbmxEvfSBduFUGlLPh6h54chrVauwy6DlIqrJxAAp406mOPFP/JynCEeMU6liy7OmlVsHc=
ga-events.js
www.tax.service.gov.uk/pay/assets/js/
3 KB
2 KB
Script
General
Full URL
https://www.tax.service.gov.uk/pay/assets/js/ga-events.js
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d46a70b9dd6abd18a8a7209cd9f05578273fd4736fd85b97e1a41930542dbc04
Security Headers
Name Value
Content-Security-Policy ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
873
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 12 Mar 2019 14:27:52 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Mar 2019 14:53:18 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=823
ETag
"c74bb7c506f0fc2f5e6bf4f488450eeea8e9e579"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
disclosure.js
www.tax.service.gov.uk/pay/assets/js/
215 B
1 KB
Script
General
Full URL
https://www.tax.service.gov.uk/pay/assets/js/disclosure.js
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
040977abb83151a38fc12546cbf7db9ad3ead25bce0998aaf26b69b1643e0faa
Security Headers
Name Value
Content-Security-Policy ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Security-Policy
ZGVmYXVsdC1zcmMgJ3NlbGYnICd1bnNhZmUtaW5saW5lJyB3d3cuZ29vZ2xlLWFuYWx5dGljcy5jb20gY2RuLm9wdGltaXplbHkuY29tIDExNzY2NjUwNDk2LmxvZy5vcHRpbWl6ZWx5LmNvbSBkYXRhOiAqLm9wdGltaXplbHkuY29tIG9wdGltaXplbHkuczMuYW1hem9uYXdzLmNvbTogOyBmcmFtZS1zcmMgaHR0cHM6Ly9wcC5lcGhhcGF5Lm5ldA==
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Connection
keep-alive
Content-Length
167
X-XSS-Protection
1; mode=block
Last-Modified
Tue, 12 Mar 2019 14:27:52 GMT
X-Frame-Options
SAMEORIGIN
Date
Tue, 26 Mar 2019 14:53:18 GMT
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000;
Content-Type
application/javascript; charset=utf-8
Cache-Control
public, max-age=833
ETag
"8d1db903ab8148aef75ff2163dab28f635804ef8"
Accept-Ranges
bytes
X-Robots-Tag
noindex, nofollow
truncated
/
94 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
048b93884a1b51d20f2a3140541d450cb6b82c6c2cf69128ea1d09fdd9699f30

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.kaveririvers.com

Response headers

Content-Type
application/font-woff
govuk-crest.png
www.tax.service.gov.uk/template/assets/stylesheets/images/
4 KB
4 KB
Image
General
Full URL
https://www.tax.service.gov.uk/template/assets/stylesheets/images/govuk-crest.png
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.111.230.165 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a104-111-230-165.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
bb9e22aff7881b895c2ceb41d9340804451c474b883f09fe1b4026e76456f44b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.tax.service.gov.uk/template/assets/stylesheets/govuk-template.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000;
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Oct 2018 10:51:20 GMT
x-amz-request-id
474629887FC1589B
ETag
"bcd5768bd7721641ee71ba103bb38900"
X-Frame-Options
DENY
Content-Type
image/png
X-XSS-Protection
1; mode=block
Cache-Control
max-age=3298
Date
Tue, 26 Mar 2019 14:53:18 GMT
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
3584
x-amz-id-2
Mv+q4AK6yoXatSjlN/1IXPgs9Po7ghVPnjyK7HB10QgQ2DUt0XEaBPc9SOg6c6YorHIbTufP9Hg=
Expires
Tue, 26 Mar 2019 15:48:16 GMT
truncated
/
71 KB
0
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
01c73d5dd84423dd2fc30aabd1de09a86b36b6de9e2e240d954c09cbb1d97aba

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin
https://www.kaveririvers.com

Response headers

Content-Type
application/font-woff
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.kaveririvers.com
URL: https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
3982
date
Tue, 26 Mar 2019 13:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 26 Mar 2019 15:46:56 GMT
log
errors.client.optimizely.com/
13 B
412 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Requested by
Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/11766650496.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.10.201 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-10-201.compute-1.amazonaws.com
Software
/
Resource Hash
16f1efa415bfdd7abcf8fdd76cc05ae6fa66ffdfdc730368ecea89ecfe5c3a12

Request headers

Access-Control-Request-Method
POST
Origin
https://www.kaveririvers.com
Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers
content-type

Response headers

Date
Tue, 26 Mar 2019 14:53:23 GMT
Allow
POST,OPTIONS
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
https://www.kaveririvers.com
Access-Control-Max-Age
1800
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Requested-With,Content-Type,Accept,Origin
Content-Length
13
log
errors.client.optimizely.com/
0
246 B
XHR
General
Full URL
https://errors.client.optimizely.com/log
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.10.201 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-232-10-201.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.kaveririvers.com/wp-includes/Requests/taxreturn/index.htm
Origin
https://www.kaveririvers.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://www.kaveririvers.com
Access-Control-Expose-Headers
Access-Control-Allow-Credentials
true
Connection
keep-alive
Date
Tue, 26 Mar 2019 14:53:23 GMT
Content-Type
text/plain

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: UK Government (Government)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask undefined| _ object| html5 object| Modernizr function| roleButtonKeypress string| ssoUrl object| _gaq function| $ function| jQuery object| GOVUK object| JSON3 function| Mdtpdf object| Base64 function| onYouTubeIframeAPIReady object| jQuery11240687876660260351 string| GoogleAnalyticsObject function| ga object| optimizely object| google_tag_data object| gaplugins object| gaGlobal

2 Cookies

Domain/Path Name / Value
.kaveririvers.com/ Name: mdtpdf
www.kaveririvers.com/ Name: seen_cookie_message
Value: yes

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
