michigan.taxovertake.com Open in urlscan Pro
54.173.134.161 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.michigan.taxovertake.com/
Effective URL:
https://michigan.taxovertake.com/
Submission: On June 24 via api (June 24th 2024, 12:37:40 pm UTC) from US — Scanned from DE

Summary HTTP 11 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 11 HTTP transactions. The main IP is 54.173.134.161, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is michigan.taxovertake.com.
TLS certificate: Issued by E6 on June 14th 2024. Valid for: 3 months.

This is the only time michigan.taxovertake.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	54.173.134.161 54.173.134.161	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:211... 2600:9000:211e:dc00:16:61cf:4000:21	16509 (AMAZON-02) (AMAZON-02)
11	4

5 54.173.134.161 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-134-161.compute-1.amazonaws.com

www.michigan.taxovertake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
michigan.taxovertake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211e:dc00:16:61cf:4000:21 (United States)

ASN16509 (AMAZON-02, US)

dlbf54swf3l6o.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	taxovertake.com 1 redirects www.michigan.taxovertake.com michigan.taxovertake.com	734 KB
4	cloudfront.net dlbf54swf3l6o.cloudfront.net	319 KB
2	youtube.com www.youtube.com — Cisco Umbrella Rank: 96	12 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
11	4

	Domain	Requested by
4	dlbf54swf3l6o.cloudfront.net	michigan.taxovertake.com
4	michigan.taxovertake.com	michigan.taxovertake.com
2	www.youtube.com	michigan.taxovertake.com www.youtube.com
1	fonts.googleapis.com	michigan.taxovertake.com
1	www.michigan.taxovertake.com	1 redirects
11	5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
vimeo.com
www.linkedin.com
realestatewealthnetwork.com

Subject Issuer	Validity	Valid
michigan.taxovertake.com E6	`2024-06-14` - `2024-09-12`	3 months	crt.sh
*.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://michigan.taxovertake.com/
Frame ID: C039505DE7B33C7464F7B565C0F3EA31
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

We Buy Michigan Houses | Michigan Home Taxes | Stop Foreclosure Taxes

Page URL History Show full URLs

https://www.michigan.taxovertake.com/ HTTP 301
http://michigan.taxovertake.com/ HTTP 307
https://michigan.taxovertake.com/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Page Statistics

11
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1067 kB
Transfer

13273 kB
Size

4
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/ThreeTInvest

Search URL Search Domain Scan URL

URL: https://twitter.com/TalentsLlc

Search URL Search Domain Scan URL

URL: https://vimeo.com/threetalentsinvestments

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/in/threetalentsinvestmentsllc/

Search URL Search Domain Scan URL

URL: https://realestatewealthnetwork.com/
Title: Real Estate Wealth Network

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.michigan.taxovertake.com/ HTTP 301
http://michigan.taxovertake.com/ HTTP 307
https://michigan.taxovertake.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
michigan.taxovertake.com/
Redirect Chain

https://www.michigan.taxovertake.com/
http://michigan.taxovertake.com/
https://michigan.taxovertake.com/

35 KB
9 KB

157ms
156ms

Document
text/html

54.173.134.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://michigan.taxovertake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.173.134.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-134-161.compute-1.amazonaws.com

Software

openresty /

Resource Hash

e87c6762990815f500767b1b4de445495585e809c6d21dc6d91a7c993728c236

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-headers: *
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Mon, 24 Jun 2024 12:37:33 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: openresty
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-served-by: michigan.taxovertake.com

Redirect headers

Location: https://michigan.taxovertake.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 styles1.css
michigan.taxovertake.com/assets/ 517 KB
72 KB 102ms
95ms Stylesheet
text/css 54.173.134.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://michigan.taxovertake.com/assets/styles1.css?cache=20240624083733
Requested by: Host: michigan.taxovertake.com
URL: https://michigan.taxovertake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.173.134.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-134-161.compute-1.amazonaws.com
Software: openresty /
Resource Hash: db5fb11cdf5ccb26a7679c23aa343eed6b5a517450dc805919d1948c9f81d4c7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Mon, 24 Jun 2024 12:37:34 GMT
content-encoding: gzip
last-modified: Wed, 15 May 2024 17:01:34 GMT
server: openresty
etag: W/"6644ea6e-813f7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000, public,no-transform
x-served-by: michigan.taxovertake.com

GET
H2 200 iframe_api Show response
www.youtube.com/ 993 B
2 KB 93ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: michigan.taxovertake.com
URL: https://michigan.taxovertake.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

26f32cff4659c1340820bbd6bb5550d2fa30cede9f97c16350a555c4226f5651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 12:37:34 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-encoding: br
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: SAMEORIGIN
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type: text/javascript; charset=utf-8
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control: private, max-age=0
origin-trial: AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
expires: Mon, 24 Jun 2024 12:37:34 GMT

GET
H2 200 scripts1.js Show response
michigan.taxovertake.com/assets/ 2 MB
651 KB 189ms
185ms Script
application/javascript 54.173.134.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://michigan.taxovertake.com/assets/scripts1.js?cache=20240624083733
Requested by: Host: michigan.taxovertake.com
URL: https://michigan.taxovertake.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.173.134.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-173-134-161.compute-1.amazonaws.com
Software: openresty /
Resource Hash: 7b4f62ce1dfaeffac8f7c756078a66f3c7b7c901b61718b4c9cbc13a8ac92600

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Thu, 31 Dec 2037 23:55:55 GMT
date: Mon, 24 Jun 2024 12:37:34 GMT
content-encoding: gzip
last-modified: Mon, 10 Jun 2024 15:12:47 GMT
server: openresty
etag: W/"666717ef-2732d5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000, public,no-transform
x-served-by: michigan.taxovertake.com

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700&display=swap

Requested by

Host: michigan.taxovertake.com
URL: https://michigan.taxovertake.com/assets/styles1.css?cache=20240624083733

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Mon, 24 Jun 2024 12:37:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 12:07:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Jun 2024 12:37:34 GMT

GET
H2 200 www-widgetapi.js Show response
www.youtube.com/s/player/61b3b5e4/www-widgetapi.vflset/ 31 KB
11 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/61b3b5e4/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56c989ad68e2d657ec33446633534c0d2b3ee0aeaa1cbe4ef8a21a1e9a5c3b99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 07:43:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17640
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10459
x-xss-protection: 0
last-modified: Mon, 24 Jun 2024 04:16:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 24 Jun 2025 07:43:34 GMT

GET
H2 200 fa-brands-400.woff2
dlbf54swf3l6o.cloudfront.net/assets/Font-Awesome-5/webfonts/ 75 KB
75 KB 54ms
11ms Font
font/woff2 2600:9000:211e:dc00:16:61cf:4000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlbf54swf3l6o.cloudfront.net/assets/Font-Awesome-5/webfonts/fa-brands-400.woff2
Requested by: Host: michigan.taxovertake.com
URL: https://michigan.taxovertake.com/assets/styles1.css?cache=20240624083733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:dc00:16:61cf:4000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcc6afbc327c5fdd7e8137f7cfca1144a76a24b83d338cdb782bbf4c1bae8cbb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Origin: https://michigan.taxovertake.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 01:02:03 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 15:29:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 41731
etag: "174b41f65f8234795a2caaa56e1488b4"
x-cache: Hit from cloudfront
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
accept-ranges: bytes
content-length: 76740
x-amz-cf-id: RPrk4rHkpF89c7_k3YDw0B7W7DAIDU1gq9mGVMN9LLgLuSiJf1wu_A==

GET
H2 200 Ubuntu-Regular.ttf
dlbf54swf3l6o.cloudfront.net/google-fonts/ufl/ubuntu/ 344 KB
167 KB 62ms
20ms Font
font/ttf 2600:9000:211e:dc00:16:61cf:4000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlbf54swf3l6o.cloudfront.net/google-fonts/ufl/ubuntu/Ubuntu-Regular.ttf
Requested by: Host: michigan.taxovertake.com
URL: https://michigan.taxovertake.com/assets/styles1.css?cache=20240624083733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:dc00:16:61cf:4000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3128df86a31805618436d0ae5651ba4285d0c9de0a39057d025f64ee33bceb64

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Origin: https://michigan.taxovertake.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 18:37:45 GMT
content-encoding: gzip
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
last-modified: Wed, 06 Oct 2021 20:43:26 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 64790
etag: W/"b3488e8486d2b4e3a0666997f91c7ed9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: font/ttf
access-control-allow-origin: *
access-control-expose-headers: *
x-amz-cf-id: B8127hs_9tzR2NVB0IMybP6cUi_u9yBPbGqYqd2EdIg115y3R5C0uA==

GET
H2 200 fa-solid-900.woff2
dlbf54swf3l6o.cloudfront.net/assets/Font-Awesome-5/webfonts/ 76 KB
77 KB 74ms
32ms Font
font/woff2 2600:9000:211e:dc00:16:61cf:4000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlbf54swf3l6o.cloudfront.net/assets/Font-Awesome-5/webfonts/fa-solid-900.woff2
Requested by: Host: michigan.taxovertake.com
URL: https://michigan.taxovertake.com/assets/styles1.css?cache=20240624083733
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:dc00:16:61cf:4000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d0e6c7f6b40b62c10c929739ed76b0adbd9a08591aa95697b6f802c4dc4824f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Origin: https://michigan.taxovertake.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 18:37:45 GMT
via: 1.1 1c12254585d1d316d9380549d59e3c80.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 64790
x-cache: Hit from cloudfront
content-length: 78260
last-modified: Fri, 03 Dec 2021 15:29:55 GMT
server: AmazonS3
etag: "750fbaeb93c1a30557f34d1c5ed7e2ea"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: Ut5xxNsD9YO6FJWs5bZcgfNh99DZZtFCGVhm5TG8yq2oz7R2ct7XKg==

GET
H2 206 template1_hero.mp4
dlbf54swf3l6o.cloudfront.net/videos/stock/ 9 MB
0 37ms
14ms Media
video/mp4 2600:9000:211e:dc00:16:61cf:4000:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dlbf54swf3l6o.cloudfront.net/videos/stock/template1_hero.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:dc00:16:61cf:4000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Referer: https://michigan.taxovertake.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 23 Jun 2024 23:09:19 GMT
via: 1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
last-modified: Wed, 20 Oct 2021 19:55:01 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
age: 48497
etag: "eac16f9cce676a8eb26d540a6c3c7ee5-2"
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: video/mp4
Content-Range: bytes 0-27032958/27032959
accept-ranges: bytes
x-amz-cf-id: OdUTNjufXh739e28o17Mr6MyDh0NvHOH-8361TUy9a38xcWOI0oTDw==
Content-Length: 27032959

GET
H2 404 favicon.ico
michigan.taxovertake.com/ 4 KB
1 KB 106ms
106ms Other
text/html 54.173.134.161
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://michigan.taxovertake.com/favicon.ico

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.173.134.161 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-173-134-161.compute-1.amazonaws.com

Software

openresty /

Resource Hash

7c29a83b2ffc2d8a548a785611bb25c46e77ef1870daea0953b617e931818001

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://michigan.taxovertake.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 24 Jun 2024 12:37:35 GMT
content-security-policy: frame-ancestors 'self';
content-encoding: gzip
server: openresty
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
michigan.taxovertake.com/	1969-12-31 23:59:59	Name: CLIENTDOMAIN Value: 7tlvcqdtne39u9g2s01hbepuo1
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: REDCDFAXxgI
.youtube.com/	1970-01-21 01:53:04	Name: VISITOR_INFO1_LIVE Value: OFPMGZTg0-g
.youtube.com/	1970-01-21 01:53:04	Name: VISITOR_PRIVACY_METADATA Value: CgJERRIEEgAgFw%3D%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://michigan.taxovertake.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dlbf54swf3l6o.cloudfront.net
fonts.googleapis.com
michigan.taxovertake.com
www.michigan.taxovertake.com
www.youtube.com
2600:9000:211e:dc00:16:61cf:4000:21
2a00:1450:4001:81c::200a
2a00:1450:4001:827::200e
54.173.134.161
1d0e6c7f6b40b62c10c929739ed76b0adbd9a08591aa95697b6f802c4dc4824f
26f32cff4659c1340820bbd6bb5550d2fa30cede9f97c16350a555c4226f5651
3128df86a31805618436d0ae5651ba4285d0c9de0a39057d025f64ee33bceb64
56c989ad68e2d657ec33446633534c0d2b3ee0aeaa1cbe4ef8a21a1e9a5c3b99
7b4f62ce1dfaeffac8f7c756078a66f3c7b7c901b61718b4c9cbc13a8ac92600
7c29a83b2ffc2d8a548a785611bb25c46e77ef1870daea0953b617e931818001
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
bcc6afbc327c5fdd7e8137f7cfca1144a76a24b83d338cdb782bbf4c1bae8cbb
db5fb11cdf5ccb26a7679c23aa343eed6b5a517450dc805919d1948c9f81d4c7
e87c6762990815f500767b1b4de445495585e809c6d21dc6d91a7c993728c236

michigan.taxovertake.com Open in urlscan Pro 54.173.134.161 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

75 %IPv6

4 Domains

5 Subdomains

4 IPs

2 Countries

1067 kBTransfer

13273 kBSize

4 Cookies

5 Outgoing links

Page URL History

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

4 Cookies

1 Console Messages

Security Headers

Indicators

michigan.taxovertake.com Open in urlscan Pro
54.173.134.161 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

75 %
IPv6

4
Domains

5
Subdomains

4
IPs

2
Countries

1067 kB
Transfer

13273 kB
Size

4
Cookies

11 HTTP transactions
0 data transactions