URL: https://www.zerotaxservice.com/
Submission: On February 15 via automatic, source certstream-suspicious

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 18 HTTP transactions. The main IP is 160.153.136.3, located in Amsterdam, Netherlands and belongs to GODADDY, DE. The main domain is www.zerotaxservice.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on February 15th 2021. Valid for: a year.
This is the only time www.zerotaxservice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS     Autonomous System
2         160.153.136.3     20773  (GODADDY)
2         2a00:1450:400...  15169  (GOOGLE)
11        2.17.185.233      16625  (AKAMAI-AS)
2         2a00:1450:400...  15169  (GOOGLE)
1         23.37.42.16       16625  (AKAMAI-AS)
18        6

Requests  Domain                  Requested by
6         img1.wsimg.com          www.zerotaxservice.com, img1.wsimg.com
5         nebula.wsimg.com        www.zerotaxservice.com
2         fonts.gstatic.com       fonts.googleapis.com
2         fonts.googleapis.com    www.zerotaxservice.com
2         www.zerotaxservice.com
1         img.secureserver.net
18        6

This site contains links to these domains. Also see Links.

Domain
clients.zerotaxservice.com
www.godaddy.com

Subject                  Issuer                                       Validity                 Valid
zerotaxservice.com       Go Daddy Secure Certificate Authority - G2   2021-02-15 - 2022-03-19  a year
upload.video.google.com  GTS CA 1O1                                   2021-01-26 - 2021-04-20  3 months
*.wsimg.com              Starfield Secure Certificate Authority - G2  2020-09-22 - 2021-10-24  a year
*.gstatic.com            GTS CA 1O1                                   2021-01-26 - 2021-04-20  3 months
*.secureserver.net       Starfield Secure Certificate Authority - G2  2019-10-22 - 2021-10-22  2 years

This page contains 1 frames:

Primary Page: https://www.zerotaxservice.com/
Frame ID: 0D4A6F26E1F79BC80B872DA2B5E48A5F
Requests: 19 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

Requests: 18
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 6
IPs: 6
Countries: 2
Transfer: 151 kB
Size: 314 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.zerotaxservice.com/
17 KB
5 KB
Document
General
Full URL
https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.136.3 Amsterdam, Netherlands, ASN20773 (GODADDY, DE),
Reverse DNS
ip-160-153-136-3.ip.secureserver.net
Software
DPS/1.11.1 /
Resource Hash
074e82b0aca27de5e65b09a49b5af5f41fba0f7aca82e07fac248fd64555c960
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'

Request headers

:method
GET
:authority
www.zerotaxservice.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

link
<https://www.zerotaxservice.com/site.css?v=>; rel=preload; as=style,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://img2.wsimg.com>; rel=preconnect; crossorigin,<https://img4.wsimg.com>; rel=preconnect; crossorigin,<https://nebula.wsimg.com>; rel=preconnect; crossorigin
cache-control
public, max-age=60, s-maxage=300
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=utf-8
vary
Accept-Encoding
content-encoding
gzip
server
DPS/1.11.1
x-siteid
4000
set-cookie
dps_site_id=4000; path=/; secure
etag
fb783b21526b7baa23a834f69575acca
date
Mon, 15 Feb 2021 13:18:33 GMT
site.css
www.zerotaxservice.com/
27 KB
6 KB
Stylesheet
General
Full URL
https://www.zerotaxservice.com/site.css?v=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
160.153.136.3 Amsterdam, Netherlands, ASN20773 (GODADDY, DE),
Reverse DNS
ip-160-153-136-3.ip.secureserver.net
Software
DPS/1.11.1 /
Resource Hash
5db3a095b0c4c9a77333451574a1fda558819b745cf8e2a5799e645a7ce5a5e3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
content-encoding
gzip
server
DPS/1.11.1
etag
75da4fb210cdb325f5db4bf7f375415a
x-siteid
4000
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=60, s-maxage=300
date
Mon, 15 Feb 2021 13:18:33 GMT
link
<https://www.zerotaxservice.com/site.css?v=>; rel=preload; as=style,<https://fonts.googleapis.com>; rel=preconnect; crossorigin,<https://fonts.gstatic.com>; rel=preconnect; crossorigin,<https://img1.wsimg.com>; rel=preconnect; crossorigin,<https://img2.wsimg.com>; rel=preconnect; crossorigin,<https://img4.wsimg.com>; rel=preconnect; crossorigin,<https://nebula.wsimg.com>; rel=preconnect; crossorigin
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Fredericka+the+Great|Allura|Amatic+SC|Arizonia|Averia+Sans+Libre|Cabin+Sketch|Francois+One|Jacques+Francois+Shadow|Josefin+Slab|Kaushan+Script|Love+Ya+Like+A+Sister|Merriweather|Offside|Open+Sans|Open+Sans+Condensed|Oswald|Over+the+Rainbow|Pacifico|Romanesco|Sacramento|Seaweed+Script|Special+Elite
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9cf8799c46fed494f438d28f73897bebe9b1dea1be511dd60c33df731a8a3dae
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 13:18:33 GMT
server
ESF
date
Mon, 15 Feb 2021 13:18:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Feb 2021 13:18:33 GMT
css
fonts.googleapis.com/
11 KB
913 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Arimo:400,700|Open+Sans:400,600,700
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3f3b0e77978f76240e5b4a2374c2dc5e4d7878378bfe7787ce0e95e06587e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 15 Feb 2021 13:18:33 GMT
server
ESF
date
Mon, 15 Feb 2021 13:18:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 15 Feb 2021 13:18:33 GMT
duel.js
img1.wsimg.com/starfield/duel/v2.5.8/
40 KB
15 KB
Script
General
Full URL
https://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1ca2faaa4a7ba86c934c337dcb47ebd521dd5721a9f62302ef36f074c1a4c8d8

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2016 20:03:53 GMT
etag
"6e4534b164fd11:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
15038
expires
Tue, 15 Feb 2022 13:18:33 GMT
5e731d2f4285e22112075356087efc4f
nebula.wsimg.com/
24 KB
17 KB
Image
General
Full URL
https://nebula.wsimg.com/5e731d2f4285e22112075356087efc4f?AccessKeyId=0B19D55F58AA9BE98CA9&disposition=0&alloworigin=1
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
936d25c558054ab1a607995a1e0b404bea90e0018f5b5854cbd36b61d4755727

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
x-cloud-object-key
5e731d2f4285e22112075356087efc4f
x-cloud-acl
public-read
x-cloud-bucket-name
resources
x-cloud-object-name
resources/114d36c9-35f0-4c57-a8c2-db4ebfbde86c-cropped-ZEROTAX QRcode.JPG
x-cloud-public-bucket
[]
x-cloud-version
ac540df0e86c78d1db9ff112cce22a90
content-length
17105
x-cloud-meta
x-cloud-bucket-key
0ab24189625b1a5d62a51b57791c317c
last-modified
Thu, 31 Dec 2020 03:28:07 GMT
server
Apache
etag
aa989738289131a86695bb32e36d4763
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
must-revalidate, max-age=31536000
x-cloud-request-id
GDND7D7D0099A828694EA392C33893BC
created-date
Thu, 31 Dec 2020 03:28:07 GMT
fe264ebea09fb247b55654a1dbb00530
nebula.wsimg.com/
5 KB
6 KB
Image
General
Full URL
https://nebula.wsimg.com/fe264ebea09fb247b55654a1dbb00530?AccessKeyId=0B19D55F58AA9BE98CA9&disposition=0&alloworigin=1
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fddc96ce5bee83ea8bc2e80246ebe87f8d752dfe3500ed2ce6ab53512dac445b

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
x-cloud-object-key
fe264ebea09fb247b55654a1dbb00530
x-cloud-acl
public-read
x-cloud-bucket-name
resources
x-cloud-object-name
resources/32325845-5310-4b7e-b27b-6fdaae1d65aa-cropped-zerotaxlogo.jpg
x-cloud-public-bucket
[]
x-cloud-version
dc06837a3ad7dc71393270d188a32ace
content-length
5482
x-cloud-meta
x-cloud-bucket-key
0ab24189625b1a5d62a51b57791c317c
last-modified
Sun, 01 Jan 2016 23:41:15 GMT
server
Apache
etag
662f7688306c76c412e0de8fac44fb68
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
must-revalidate, max-age=31536000
x-cloud-request-id
GDN2CA0D0CB9AAE5F6E105677E3F59C3
created-date
Sun, 01 Jan 2016 23:41:15 GMT
59edfd70ef393c397781cdfa35bb9ecc
nebula.wsimg.com/
46 KB
34 KB
Image
General
Full URL
https://nebula.wsimg.com/59edfd70ef393c397781cdfa35bb9ecc?AccessKeyId=0B19D55F58AA9BE98CA9&disposition=0&alloworigin=1
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a00b798380f08100be797ba6e3614c7bc10db28585f27685cb0e6261e80744ac

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:34 GMT
content-encoding
gzip
x-cloud-object-key
59edfd70ef393c397781cdfa35bb9ecc
x-cloud-acl
public-read
x-cloud-bucket-name
resources
x-cloud-object-name
resources/c4b8cff7-066c-41b3-a167-4c400b946f1f-cropped-ZEROTAXAPP.JPG
x-cloud-public-bucket
[]
x-cloud-version
c450513e4e86bcd0e59e820b3ba52429
content-length
33966
x-cloud-meta
x-cloud-bucket-key
0ab24189625b1a5d62a51b57791c317c
last-modified
Thu, 31 Dec 2020 10:13:17 GMT
server
Apache
etag
e585b66eb2366fb8957841180e4a75f1
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
must-revalidate, max-age=31536000
x-cloud-request-id
GDN82437D516938069522DA9ADCF0A56
created-date
Thu, 31 Dec 2020 10:13:17 GMT
80af0e2c139deff9f62de75f2f12f0e2
nebula.wsimg.com/
660 B
1 KB
Image
General
Full URL
https://nebula.wsimg.com/80af0e2c139deff9f62de75f2f12f0e2?AccessKeyId=0B19D55F58AA9BE98CA9&disposition=0&alloworigin=1
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
214011094612f2f1a8d4933f2669893b625ace5367c15c1f990aac020c3169ee

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
x-cloud-object-key
80af0e2c139deff9f62de75f2f12f0e2
x-cloud-acl
public-read
x-cloud-bucket-name
resources
x-cloud-object-name
resources/b266db04-3f18-493c-a338-39b64d5ea513-cropped-tel.png
x-cloud-public-bucket
[]
x-cloud-version
35c9abf234ed6cc15979bafff7245a71
content-length
683
x-cloud-meta
x-cloud-bucket-key
0ab24189625b1a5d62a51b57791c317c
last-modified
Mon, 02 Jan 2017 00:32:45 GMT
server
Apache
etag
e6c5960418be8716ec197841bbd873c5
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
must-revalidate, max-age=31536000
x-cloud-request-id
GDN407C249F332C03BF23E7916EA51A9
created-date
Mon, 02 Jan 2017 00:32:45 GMT
94a3f93db4db74c5a253936ea772e3b2
nebula.wsimg.com/
5 KB
5 KB
Image
General
Full URL
https://nebula.wsimg.com/94a3f93db4db74c5a253936ea772e3b2?AccessKeyId=0B19D55F58AA9BE98CA9&disposition=0&alloworigin=1
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2714f5f83522a0bd90533b6254460f29bd6ecde846765d0f57efb68716032a1d

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
x-cloud-object-key
94a3f93db4db74c5a253936ea772e3b2
x-cloud-acl
public-read
x-cloud-bucket-name
resources
x-cloud-object-name
resources/03c60220-deed-49d6-8618-5bfbf3c0091f-cropped-tax-time.jpg
x-cloud-public-bucket
[]
x-cloud-version
711fff0338e027de0f7e3ad3be832d08
content-length
4552
x-cloud-meta
x-cloud-bucket-key
0ab24189625b1a5d62a51b57791c317c
last-modified
Mon, 02 Jan 2017 00:34:48 GMT
server
Apache
etag
8e536354205c7be35c4af400c2f8786c
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
must-revalidate, max-age=31536000
x-cloud-request-id
GDN3237CFEE61097EF862A80756CB0FA
created-date
Mon, 02 Jan 2017 00:34:48 GMT
tcc_l.combined.1.0.5.min.js
img1.wsimg.com/tcc/
6 KB
2 KB
Script
General
Full URL
https://img1.wsimg.com/tcc/tcc_l.combined.1.0.5.min.js
Requested by
Host: www.zerotaxservice.com
URL: https://www.zerotaxservice.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
d774beebaea68f3e3be399e441d6f5bf073ce036a8cce8a90b444c60d2985f04

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2015 21:28:14 GMT
etag
"02b9e6ff26d11:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
2157
expires
Tue, 15 Feb 2022 13:18:33 GMT
jq.js
img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/libs/jquery/
91 KB
33 KB
Script
General
Full URL
https://img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/libs/jquery/jq.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf203e638014174f96a22eef8411dafc7e8c900160433acdb3f0396fa85b2f8

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
last-modified
Wed, 23 Dec 2020 13:49:48 GMT
etag
"2179ff7a32d9d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
33456
expires
Tue, 15 Feb 2022 13:18:33 GMT
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/gif
TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
fonts.gstatic.com/s/oswald/v36/
12 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v36/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiYySUhiCXAA.woff
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fredericka+the+Great|Allura|Amatic+SC|Arizonia|Averia+Sans+Libre|Cabin+Sketch|Francois+One|Jacques+Francois+Shadow|Josefin+Slab|Kaushan+Script|Love+Ya+Like+A+Sister|Merriweather|Offside|Open+Sans|Open+Sans+Condensed|Oswald|Over+the+Rainbow|Pacifico|Romanesco|Sacramento|Seaweed+Script|Special+Elite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b810957ff3f3c7c207fbb3b24a0c9370f2b23bc94e7acfebceefa0d2976ac99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.zerotaxservice.com
Referer
https://fonts.googleapis.com/css?family=Fredericka+the+Great|Allura|Amatic+SC|Arizonia|Averia+Sans+Libre|Cabin+Sketch|Francois+One|Jacques+Francois+Shadow|Josefin+Slab|Kaushan+Script|Love+Ya+Like+A+Sister|Merriweather|Offside|Open+Sans|Open+Sans+Condensed|Oswald|Over+the+Rainbow|Pacifico|Romanesco|Sacramento|Seaweed+Script|Special+Elite
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 17:21:23 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 20:33:12 GMT
server
sffe
age
590230
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12672
x-xss-protection
0
expires
Tue, 08 Feb 2022 17:21:23 GMT
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fredericka+the+Great|Allura|Amatic+SC|Arizonia|Averia+Sans+Libre|Cabin+Sketch|Francois+One|Jacques+Francois+Shadow|Josefin+Slab|Kaushan+Script|Love+Ya+Like+A+Sister|Merriweather|Offside|Open+Sans|Open+Sans+Condensed|Oswald|Over+the+Rainbow|Pacifico|Romanesco|Sacramento|Seaweed+Script|Special+Elite
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.zerotaxservice.com
Referer
https://fonts.googleapis.com/css?family=Fredericka+the+Great|Allura|Amatic+SC|Arizonia|Averia+Sans+Libre|Cabin+Sketch|Francois+One|Jacques+Francois+Shadow|Josefin+Slab|Kaushan+Script|Love+Ya+Like+A+Sister|Merriweather|Offside|Open+Sans|Open+Sans+Condensed|Oswald|Over+the+Rainbow|Pacifico|Romanesco|Sacramento|Seaweed+Script|Special+Elite
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 10 Feb 2021 22:00:39 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:28 GMT
server
sffe
age
400674
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9132
x-xss-protection
0
expires
Thu, 10 Feb 2022 22:00:39 GMT
cookiemanager.js
img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/common/cookiemanager/
552 B
569 B
Script
General
Full URL
https://img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/common/cookiemanager/cookiemanager.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3e1adba2cfbb91f080da970318299e5ecfcbf0cca6e5bbe8543822d34d06d8e3

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
last-modified
Wed, 23 Dec 2020 13:42:55 GMT
etag
"da804a8431d9d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
355
expires
Tue, 15 Feb 2022 13:18:33 GMT
iebackground.js
img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/designer/iebackground/
1 KB
816 B
Script
General
Full URL
https://img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/designer/iebackground/iebackground.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
cf0450afe6f75037853e4eefdcf6d54e8d0ffe34a10b635dc703db2f8f2e85bd

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
last-modified
Wed, 23 Dec 2020 13:43:34 GMT
etag
"b40fa9b31d9d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
603
expires
Tue, 15 Feb 2022 13:18:33 GMT
util.window.js
img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/common/util/
111 B
328 B
Script
General
Full URL
https://img1.wsimg.com/wst/v7/WSB7_J_20201223_0633_WSB-18759_2919/v2/common/util/util.window.js
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/starfield/duel/v2.5.8/duel.js?appid=O3BkA5J1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.17.185.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-17-185-233.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0a76f5945828a2b4977a1758cdb53eed66e558fcbd27e50601225c4ec1b846a0

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 15 Feb 2021 13:18:33 GMT
content-encoding
gzip
last-modified
Wed, 23 Dec 2020 13:42:59 GMT
etag
"e35bb28631d9d61:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
115
expires
Tue, 15 Feb 2022 13:18:33 GMT
event
img.secureserver.net/t/1/tl/
43 B
643 B
Image
General
Full URL
https://img.secureserver.net/t/1/tl/event?cts=1613395113613&ap=WSBv7&ds=4000&tce=1613395113311&tcs=1613395113185&tdc=1613395114915&tdclee=1613395113614&tdcles=1613395113614&tdi=1613395113614&tdl=1613395113385&tdle=1613395113185&tdls=1613395113178&tfs=1613395113178&tns=1613395113177&trqs=1613395113311&tre=1613395113382&trps=1613395113382&tles=1613395114915&tlee=1613395114917&dh=www.zerotaxservice.com&dp=%2F&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&feedtype=perf&z=1630267899
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.42.16 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-16.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.zerotaxservice.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Mon, 15 Feb 2021 13:18:35 GMT
X-Frame-Options
DENY
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.zerotaxservice.com, *
Access-Control-Max-Age
1000
Cache-Control
private
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
43
X-XSS-Protection
1; mode=block

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| ontransitionrun
  • object| ontransitionstart
  • object| ontransitioncancel
  • object| cookieStore
  • function| showDirectoryPicker
  • function| showOpenFilePicker
  • function| showSaveFilePicker
  • object| trustedTypes
  • boolean| crossOriginIsolated
  • object| $sf
  • object| $sfConfig
  • string| p
  • object| curl
  • function| require
  • function| define
  • function| tccl_dpsid
  • object| _trfd
  • object| true
  • object| tcp
  • function| $
  • function| jQuery

1 Cookies

Domain/Path Name / Value
www.zerotaxservice.com/ Name: dps_site_id
Value: 4000

Security Headers

This page lists any security headers set by the main page.

Header Value
Content-Security-Policy frame-ancestors 'self'

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
