URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f2...
Submission: On June 01 via manual — Scanned from DE

Summary

This website contacted 10 IPs in 3 countries across 7 domains to perform 31 HTTP transactions. The main IP is 172.81.118.28, located in United States and belongs to IMH-IAD, US. The main domain is www.cleanslatetaxrelief.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on April 21st 2022. Valid for: 3 months.
This is the only time www.cleanslatetaxrelief.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain | Subdomains | Transfer
14 cloudfront.net | dhozj507pfmqc.cloudfront.net | 288 KB
5 trustedform.com | api.trustedform.com (Cisco Umbrella Rank: 20992), cdn.trustedform.com (Cisco Umbrella Rank: 23028) | 41 KB
5 cleanslatetaxrelief.com | www.cleanslatetaxrelief.com | 174 KB
3 gstatic.com | fonts.gstatic.com | 47 KB
2 googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 42), ajax.googleapis.com (Cisco Umbrella Rank: 277) | 36 KB
2 cloudflare.com | cdnjs.cloudflare.com (Cisco Umbrella Rank: 206) | 82 KB
1 jquery.com | code.jquery.com (Cisco Umbrella Rank: 624) | 33 KB
31 7
Domain | Requested by
14 dhozj507pfmqc.cloudfront.net | www.cleanslatetaxrelief.com, cdn.trustedform.com
5 www.cleanslatetaxrelief.com | www.cleanslatetaxrelief.com
3 api.trustedform.com (1 redirects) | api.trustedform.com, cdn.trustedform.com
3 fonts.gstatic.com | fonts.googleapis.com
2 cdn.trustedform.com | www.cleanslatetaxrelief.com, api.trustedform.com
2 cdnjs.cloudflare.com | www.cleanslatetaxrelief.com, cdnjs.cloudflare.com
1 ajax.googleapis.com | www.cleanslatetaxrelief.com
1 code.jquery.com | www.cleanslatetaxrelief.com
1 fonts.googleapis.com | www.cleanslatetaxrelief.com
31 9

This site contains no links.

Subject | Issuer | Validity | Valid
cleanslatetaxrelief.com | cPanel, Inc. Certification Authority | 2022-04-21 - 2022-07-20 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
upload.video.google.com | GTS CA 1C3 | 2022-05-09 - 2022-08-01 | 3 months
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year
*.cloudfront.net | Amazon | 2022-02-01 - 2023-01-31 | a year
*.gstatic.com | GTS CA 1C3 | 2022-05-04 - 2022-07-27 | 3 months
*.trustedform.com | Amazon | 2021-10-12 - 2022-11-09 | a year
cdn.trustedform.com | Amazon | 2022-04-14 - 2023-05-13 | a year

This page contains 1 frames:

Primary Page: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Frame ID: 256B4BE7EDC3BFE36C6E85BAFD8B8E28
Requests: 32 HTTP requests in this frame

Page Title

Clean Slate Tax Relief

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 31
HTTPS: 97 %
IPv6: 78 %
Domains: 7
Subdomains: 9
IPs: 10
Countries: 3
Transfer: 710 kB
Size: 938 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213 HTTP 301
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213

31 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
www.cleanslatetaxrelief.com/
10 KB
10 KB
Document
General
Full URL
https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.81.118.28 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
ded5652.inmotionhosting.com
Software
Apache /
Resource Hash
8103d727729df1244523e4e135cff230487e1d1b57da04e602a45c4e7f023dd4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 01 Jun 2022 17:43:25 GMT
Keep-Alive
timeout=5, max=100
Server
Apache
Transfer-Encoding
chunked
bootstrap.min.css
www.cleanslatetaxrelief.com/css/
118 KB
119 KB
Stylesheet
General
Full URL
https://www.cleanslatetaxrelief.com/css/bootstrap.min.css
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.81.118.28 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
ded5652.inmotionhosting.com
Software
Apache /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 17:43:25 GMT
Last-Modified
Thu, 07 Nov 2019 19:27:43 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
121200
style.css
www.cleanslatetaxrelief.com/css/
5 KB
6 KB
Stylesheet
General
Full URL
https://www.cleanslatetaxrelief.com/css/style.css
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.81.118.28 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
ded5652.inmotionhosting.com
Software
Apache /
Resource Hash
af01de7e0de3163643db9485d238030d9bce466aa63b9136bbd29eb8ad990bcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 17:43:25 GMT
Last-Modified
Fri, 08 Nov 2019 02:54:41 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5437
media.css
www.cleanslatetaxrelief.com/css/
3 KB
3 KB
Stylesheet
General
Full URL
https://www.cleanslatetaxrelief.com/css/media.css
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.81.118.28 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
ded5652.inmotionhosting.com
Software
Apache /
Resource Hash
f0295d9535d37b43026a81937cc096f5c0901a00377be1a0835cefb2013d2b80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 17:43:25 GMT
Last-Modified
Fri, 08 Nov 2019 02:41:05 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2980
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/
30 KB
6 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
598710
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTc%2ByEclAwmj5T2c1T3jtI9M66Kh1J6gPpY1C754QeagPN8ukZuAdqOAGYv1V%2F6ifHYnzEQWZmTtdJmHIs0IQnulxi5E9zdwg5Srb1DPBc7eJJeMcj3PJND1CfvprMsJHeKrtWPyyCJptat1I3Z%2B8SRs"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7149c060ac6d9299-FRA
expires
Mon, 22 May 2023 17:43:25 GMT
css
fonts.googleapis.com/
25 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cb8727801989fbf422ff64272f21ef334b61234bf018cf78a9a3465e534264b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 15:43:29 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 01 Jun 2022 17:43:25 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 01 Jun 2022 17:43:25 GMT
jquery-latest.min.js
code.jquery.com/
94 KB
33 KB
Script
General
Full URL
https://code.jquery.com/jquery-latest.min.js
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:25 GMT
content-encoding
gzip
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
etag
W/"28feccc0-1762a"
vary
Accept-Encoding
x-hw
1654105405.dop109.fr8.t,1654105405.cds057.fr8.hn,1654105405.cds106.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
33202
clean-state-tax-relief-logo.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
10 KB
11 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/clean-state-tax-relief-logo.jpg
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
74a3830b85cd4e1946688ac569ea5c685948e67336dcb94410977b7c9e828012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
10724
x-amz-cf-id
UPGUJTH0FrCGguY_owQAlrmgWtQnKaqUtPNk73yDW4OM9HAKWsQpMg==
accredited-logo.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
7 KB
7 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/accredited-logo.jpg
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6b620320e40fd95612100b9685d1e32ea4afcfff588fa9ad0064a34ffbb0ea9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
6713
x-amz-cf-id
YA80DRLULKzvUUplUVd18RMDpDa66WaaPniMloKhI-n5vR41lJ00-g==
as-seen-on-logo.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
13 KB
13 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/as-seen-on-logo.jpg
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0ffdd47e1244d5b1b082061ab77379a3db9ea85347df3b4f4342a28ff7724468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
13433
x-amz-cf-id
qqTEX7Q6jk2UjxzK9WeChbGYe4vk0eX8ewrM9_UuD8IvFqzF0ZlGaQ==
resolve-badge-bg.png
dhozj507pfmqc.cloudfront.net/sites/1035/images/
20 KB
20 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/resolve-badge-bg.png
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
799adc723360008be0a0274eac64b042a0d90e1e31ad13f322d206ba68277032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
20632
x-amz-cf-id
mADSwAqve-70A2DOPyqrgk3djDVLM6zWXcU2yzFnaJ0ennOO6HaxuA==
tax-program-bg.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
57 KB
57 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/tax-program-bg.jpg
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
052e44a101ae4f976eb30e19d3d2054bbc3e4acf2232075d904252874fd0700a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:40 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
57982
x-amz-cf-id
uP4HOG5Fz0vArb-r1FFB6J0IVVRVeei6Pnyy54fF9ZAM8JPUbQqyQw==
bar-bg.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
1 KB
1 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/bar-bg.jpg
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f684b7b90cb78ef2ac58b18f628a6490fbfb42813d03719fe16f30513d5eab9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1212
x-amz-cf-id
nIILDs32q6xC8TkzSi-DsJgj3nozOSjrvCd9rUyvJP47JVUOTM7VqQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/
95 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 16:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
436270
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 27 May 2023 16:32:15 GMT
bootstrap.min.js
www.cleanslatetaxrelief.com/js/
36 KB
36 KB
Script
General
Full URL
https://www.cleanslatetaxrelief.com/js/bootstrap.min.js
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.81.118.28 , United States, ASN54641 (IMH-IAD, US),
Reverse DNS
ded5652.inmotionhosting.com
Software
Apache /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date
Wed, 01 Jun 2022 17:43:25 GMT
Last-Modified
Thu, 07 Nov 2019 19:27:47 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
37045
body-bg.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
1 KB
2 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/body-bg.jpg
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
008b8abfc172c2baade5378d302983236070af538ac73aa8d0937a0594a53454

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
1522
x-amz-cf-id
7-7QeUELpn-b8zxFOiycncFC45rP-8FAcjbdv7YlOGie-ZQ3y-yTAg==
welcome-bg.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
66 KB
66 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/welcome-bg.jpg
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/css/style.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0f91bf742fec99f3feb4164da4928391f607187e7d220b5b875ba5f602a57e78

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:40 GMT
server
Apache
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
67304
x-amz-cf-id
y-biI-gtiuR-tV-Hws1asSGSq4Aiu7oNpoXn9PX70rVRcql4AA5cJw==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cleanslatetaxrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 11:07:47 GMT
x-content-type-options
nosniff
age
196538
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 11:07:47 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cleanslatetaxrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 19:06:05 GMT
x-content-type-options
nosniff
age
167840
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15752
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 19:06:05 GMT
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.cleanslatetaxrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:25 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
685197
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AP6psC46YkvJE5KXCOq10v2h8ZsXLNeJjv9TzW1%2F2xfiI6t9FQOckmFSZHWrq%2BxqH3WIyMGtu6E6qJ0bRMwOXxzfXCxxI0uLu%2FbtvTvq%2F2n6hwXRigkrdEDFgUgyY1CFoEP7PaKdvoITq8jF4lRxZztp"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7149c0629d409018-FRA
expires
Mon, 22 May 2023 17:43:25 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,100i,300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.cleanslatetaxrelief.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Mon, 30 May 2022 12:43:04 GMT
x-content-type-options
nosniff
age
190821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 30 May 2023 12:43:04 GMT
bootstrap.js
cdn.trustedform.com/
Redirect Chain
  • https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213
  • https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213
8 KB
4 KB
Script
General
Full URL
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213
Requested by
Host: www.cleanslatetaxrelief.com
URL: https://www.cleanslatetaxrelief.com/index.php?offer_id=818&aff_id=1933&sub1=821358&sub2=690300384&sub3=&transaction_id=1025706fdc5f290d81a67b8f970230
Protocol
H2
Server
2600:9000:2315:2400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c98c65185f0c687986fab5e2b66b56d7f89b896d1aa7dae48ccb466ee58ef46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:27 GMT
content-encoding
gzip
last-modified
Tue, 10 May 2022 15:11:25 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-P2
etag
W/"af2c721f28d4f08f6dd1e2d1538d6d5e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
x-amz-version-id
M4BYxzuwDsSLMzNpxHSURX978fUhoR5T
x-amz-cf-id
YbDsDO8XfLAYfS2W_Xw1SDTaB6WA43UEJhdGl-zBxTvEFxUK_FzV2g==

Redirect headers

location
https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213
date
Wed, 01 Jun 2022 17:43:26 GMT
server
awselb/2.0
content-length
134
content-type
text/html
certs
api.trustedform.com/
475 B
686 B
XHR
General
Full URL
https://api.trustedform.com/certs
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.58.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-58-236.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
a25f13722a51b62b24e44e612846fc8a1e5d00090c54381f8b2ec76dee54a2d4

Request headers

Referer
https://www.cleanslatetaxrelief.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
server
Cowboy
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
content-length
475
trustedform-1.8.26.js
cdn.trustedform.com/
97 KB
36 KB
Script
General
Full URL
https://cdn.trustedform.com/trustedform-1.8.26.js
Requested by
Host: api.trustedform.com
URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16541054059530.16264166994117213
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:2400:1c:7f1a:6680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
33da22f0d9d8386d0028f02a1f0052807daae08d3d6f14eb47e7262735d9b98b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-amz-version-id
YhD1w8vOtRO5jDnJaxxF8bLdiuVEBdVt
content-encoding
gzip
last-modified
Tue, 10 May 2022 15:11:25 GMT
server
AmazonS3
age
29
etag
W/"d9aa7fe810084b856ea5e1fed26caefa"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 b17dca9c320b96e12b996848d121ffe4.cloudfront.net (CloudFront)
date
Wed, 01 Jun 2022 17:42:59 GMT
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
Id0h_C647QkwcfCpsgQvaVE2SdRztAfDIcUfh7NS-iB3zjj1OR_0MQ==
snapshot
api.trustedform.com/certs/4dca90ede24a1070e38553ecfcb5063f0f75badc/
0
159 B
XHR
General
Full URL
https://api.trustedform.com/certs/4dca90ede24a1070e38553ecfcb5063f0f75badc/snapshot
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.236.58.236 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-236-58-236.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.cleanslatetaxrelief.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 01 Jun 2022 17:43:27 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
Cowboy
access-control-expose-headers
clean-state-tax-relief-logo.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
10 KB
11 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/clean-state-tax-relief-logo.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
74a3830b85cd4e1946688ac569ea5c685948e67336dcb94410977b7c9e828012

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
age
1
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
10724
x-amz-cf-id
NUl6WILpa3D8mfBHfcTfWGkr-XMp_lK7S8NTS4A964hRSmhoVd0sgQ==
accredited-logo.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
7 KB
7 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/accredited-logo.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6b620320e40fd95612100b9685d1e32ea4afcfff588fa9ad0064a34ffbb0ea9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
age
1
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
6713
x-amz-cf-id
d3Sk-bYbTXAX8j5w2aZznJO7izA8CLAcX8adbWDeYdsKx4YhrodBqg==
as-seen-on-logo.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
13 KB
13 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/as-seen-on-logo.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
0ffdd47e1244d5b1b082061ab77379a3db9ea85347df3b4f4342a28ff7724468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
age
1
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
13433
x-amz-cf-id
yJL3MYp-HWLBLTqMY7ms80oOYw3aTB9nlaXzJ9g6o75zbbqNIIsmrw==
resolve-badge-bg.png
dhozj507pfmqc.cloudfront.net/sites/1035/images/
20 KB
20 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/resolve-badge-bg.png
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
799adc723360008be0a0274eac64b042a0d90e1e31ad13f322d206ba68277032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
age
1
x-cache
Hit from cloudfront
content-type
image/png
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
20632
x-amz-cf-id
Rwm91aVt50r0YVi8zdqHjmGnkQEc-yKcvbOAyQY2pMr6LLVbhnFAcw==
tax-program-bg.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
57 KB
57 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/tax-program-bg.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
052e44a101ae4f976eb30e19d3d2054bbc3e4acf2232075d904252874fd0700a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:40 GMT
server
Apache
age
1
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
57982
x-amz-cf-id
uASrdGXCuN6UDE6_AKN4jqr82y9XkDBmvdsTN3HPApH49yXSvpugHQ==
bar-bg.jpg
dhozj507pfmqc.cloudfront.net/sites/1035/images/
1 KB
1 KB
Image
General
Full URL
https://dhozj507pfmqc.cloudfront.net/sites/1035/images/bar-bg.jpg
Requested by
Host: cdn.trustedform.com
URL: https://cdn.trustedform.com/trustedform-1.8.26.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:ba00:1:e725:7500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
f684b7b90cb78ef2ac58b18f628a6490fbfb42813d03719fe16f30513d5eab9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.cleanslatetaxrelief.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Wed, 01 Jun 2022 17:43:26 GMT
via
1.1 4ecd74dda94d7576e134fcdf16df8128.cloudfront.net (CloudFront)
last-modified
Thu, 07 Nov 2019 19:26:39 GMT
server
Apache
age
1
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
1212
x-amz-cf-id
YNEZFb-ec0KagLbk6nVv7jAD7-PtuA4Y6oATzAwtc1YclOcnLzDzwA==
truncated
/
10 KB
10 KB
Other
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eed633a8002069e13f06351bfe014d0132941a0882144ccee95cdacfa403b954

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type
text/javascript

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost
object| oncontextrestored
function| structuredClone
object| launchQueue
object| onbeforematch
function| getScreenDetails
object| navigation
function| autoTab
function| startPage
function| $
function| jQuery
object| jQuery112400020113719491194892
object| trustedForm
function| trustedFormStartRecording
function| trustedFormStopRecording
object| regeneratorRuntime

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
