newrez.taxwallet.io Open in urlscan Pro
20.119.128.5 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://newrez.taxwallet.io/
Submission: On July 15 via automatic, source certstream-suspicious (July 15th 2024, 3:03:43 am UTC) — Scanned from CA

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 14 HTTP transactions. The main IP is 20.119.128.5, located in Boydton, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is newrez.taxwallet.io.
TLS certificate: Issued by R11 on June 11th 2024. Valid for: 3 months.

This is the only time newrez.taxwallet.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	20.119.128.5 20.119.128.5	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.31.95 142.250.31.95	15169 (GOOGLE) (GOOGLE)
4	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	20.72.97.235 20.72.97.235	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.71.178.224 35.71.178.224	16509 (AMAZON-02) (AMAZON-02)
14	6

4 20.119.128.5 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

newrez.taxwallet.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.31.95 (United States)

ASN15169 (GOOGLE, US)
PTR: bj-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.72.97.235 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

apim-taxwallet.azure-api.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.178.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: a71a8df23b4ece90e.awsglobalaccelerator.com

chl.okta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2086 ekr.zdassets.com — Cisco Umbrella Rank: 2490	343 KB
4	taxwallet.io newrez.taxwallet.io	2 MB
2	okta.com chl.okta.com — Cisco Umbrella Rank: 261651	450 B
2	azure-api.net apim-taxwallet.azure-api.net	550 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 74	2 KB
14	5

	Domain	Requested by
4	static.zdassets.com	newrez.taxwallet.io static.zdassets.com
4	newrez.taxwallet.io	newrez.taxwallet.io
2	chl.okta.com	newrez.taxwallet.io
2	apim-taxwallet.azure-api.net	newrez.taxwallet.io
1	ekr.zdassets.com	static.zdassets.com
1	fonts.googleapis.com	newrez.taxwallet.io
14	6

This site contains no links.

Subject Issuer	Validity	Valid
newrez.taxwallet.io R11	`2024-06-11` - `2024-09-09`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-24` - `2024-09-16`	3 months	crt.sh
zdassets.com E6	`2024-06-29` - `2024-09-27`	3 months	crt.sh
apim-taxwallet.azure-api.net Microsoft Azure RSA TLS Issuing CA 03	`2024-05-22` - `2025-05-17`	a year	crt.sh
*.okta.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-12` - `2025-03-14`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://newrez.taxwallet.io/
Frame ID: EAB89E58BE061C49945B0BF992AE8AE6
Requests: 9 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js
Frame ID: 33995CAC6B2167CBA6C791B7C8A10D78
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Halcyon - Tax Wallet

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

14
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2277 kB
Transfer

6876 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
newrez.taxwallet.io/ 1 KB
3 KB 509ms
90ms Document
text/html 20.119.128.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrez.taxwallet.io/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.5 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

a4bb6462b01cccac0d933139de6e7549d7224ab367d450ed9fc60704792eccfe

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://.okta.com/ https://.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 815
Content-Security-Policy: default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://*.okta.com/ https://*.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Content-Type: text/html
Date: Mon, 15 Jul 2024 03:03:36 GMT
ETag: "0592a31bccbda1:0"
Expect-CT: max-age=86400, enforce
Last-Modified: Mon, 01 Jul 2024 13:40:10 GMT
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Referrer-Policy: strict-origin-when-cross-origin
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-XSS-Protection: 1; mode=block

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
2 KB 154ms
59ms Stylesheet
text/css 142.250.31.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open%20Sans&display=swap

Requested by

Host: newrez.taxwallet.io
URL: https://newrez.taxwallet.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.31.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bj-in-f95.1e100.net

Software

ESF /

Resource Hash

12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://newrez.taxwallet.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 Jul 2024 03:03:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32/mr
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 Jul 2024 01:51:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 Jul 2024 03:03:36 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 158ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=f16a41f2-97a4-4af7-8659-d90d2d49692d

Requested by

Host: newrez.taxwallet.io
URL: https://newrez.taxwallet.io/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://newrez.taxwallet.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 03:03:36 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1XEFSGR91PCDXE6F
age: 49
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OAeeKDeTQpE8kek846C2mhvc59K+Z8qN+9Jm6dRF1kaXHTO36LS+00rAD/gc+KXlg4dFiT2mbVo=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6lRK1PYyNzffPk3YGVmjAqlcOv%2FvI7G7dgzgqsqbsg0apQRrQmRVwdVrptLeubXNREEbp8iDj7FZhwIrv7RsKYcSAnecvdhfCzO3MP%2Bk12y6e7wJF1RgVQiZTtd5oKBZM4IUzcs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 8a3685368cd7ac64-YYZ
access-control-allow-headers: *

GET
H/1.1 200
OK index.ac4079cb.js Show response
newrez.taxwallet.io/assets/ 5 MB
2 MB 128ms
128ms Script
application/x-javascript 20.119.128.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrez.taxwallet.io/assets/index.ac4079cb.js

Requested by

Host: newrez.taxwallet.io
URL: https://newrez.taxwallet.io/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.5 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

470f8f84d745864b30f0f75e80e08d1e9f99492c53fc9538a09db59b57692652

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://.okta.com/ https://.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newrez.taxwallet.io/
Origin: https://newrez.taxwallet.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 03:03:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://*.okta.com/ https://*.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 01 Jul 2024 13:40:10 GMT
ETag: "0592a31bccbda1:0"
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes

GET
H/1.1 200
OK index.ca0ad7d1.css
newrez.taxwallet.io/assets/ 614 KB
121 KB 1067ms
82ms Stylesheet
text/css 20.119.128.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrez.taxwallet.io/assets/index.ca0ad7d1.css

Requested by

Host: newrez.taxwallet.io
URL: https://newrez.taxwallet.io/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.5 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

379704eab8558405778c606dfd3aa4edc2efe6ce673456f69b742fe744932dcf

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://.okta.com/ https://.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newrez.taxwallet.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 03:03:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Permitted-Cross-Domain-Policies: none
Content-Security-Policy: default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://*.okta.com/ https://*.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Transfer-Encoding: chunked
X-XSS-Protection: 1; mode=block
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Mon, 01 Jul 2024 13:40:10 GMT
ETag: "0592a31bccbda1:0"
Expect-CT: max-age=86400, enforce
Vary: Accept-Encoding
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes

GET
H2 200 f16a41f2-97a4-4af7-8659-d90d2d49692d Show response
ekr.zdassets.com/compose/ 1 KB
1 KB 197ms
119ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/f16a41f2-97a4-4af7-8659-d90d2d49692d

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f16a41f2-97a4-4af7-8659-d90d2d49692d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

508e7318c46c84d9fd9b56ba90d4493c246088ccd77bdb06009239e3a56dfda9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newrez.taxwallet.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 03:03:36 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8a18a039cec21762-SEA, 8a18a039cec21762-SEA
x-runtime: 0.004333
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"508e7318c46c84d9fd9b56ba90d4493c"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sZisnzx44gGOO2lNJDaiS476RAILUyyiqjq5nhnoCs5IXYKRzgnQ4udNlwIls33KwDldgOEYgqDTqZ2AsmV4jnXD4FcnuhrSJ9E6KZmEwyGb3jeIsXhUKhm5h2Qqcn170dM%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8a3685375886aa95-YYZ

GET
H2 200 web-widget-main-10f1ab3.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 3399 972 KB
278 KB 43ms
43ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=f16a41f2-97a4-4af7-8659-d90d2d49692d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

333101dc7e6ac41496b84ab4e6c449a2b83349c7d4218cc211af3f74a17c311f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 03:03:37 GMT
x-amz-version-id: g.EH4x2WBR8m0OIfWsbIjZd8WVlSed1A
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: FQ7KD78D06DN5973
age: 6930
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: sOvRoI+ZdFh51O93Qz4qfk4mmo5DQOg2aG1e/U8Lf3Ptl3KN4+5ObF+ZbkClEA6IYzFbi6i8Ob57iW4Inm8apHRjNDU/WkCO
last-modified: Thu, 04 Jul 2024 12:37:48 GMT
server: cloudflare
etag: W/"7d73ba663f8cf418cf05e529589ac7af"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sb2ZI%2Bosc2rBJvJmxIuNWmEkf848lEMWejClTZgm2BRXNFyR%2FsgjrGTmoWCL0YOBVbf8Hfwcgm4VuEoVKnVQSJcIcroBTUWEQtKheKZ51lSPKB3VZGf5U2Dv1j5zTqL%2Fch7eTrw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a3685383eacac64-YYZ
access-control-allow-headers: *
expires: Fri, 04 Jul 2025 12:37:47 GMT

GET
H2 200 en-us-json-10f1ab3.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 3399 25 KB
6 KB 38ms
37ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-10f1ab3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 03:03:37 GMT
x-amz-version-id: H2_.sS9bWR.piM2oq07fnCUbJK1mFJJH
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HGJ1RV9F5V0SRV52
age: 322075
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: J5X5aAFeRQlShee91RFHhKNraJunraECdIcmBdXCU1iisIxBX6LSL09RcSkjCB22Pn1VpVCbO7Q=
last-modified: Thu, 04 Jul 2024 12:37:49 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ziZR61Qd6n7uQfAICW0kHwIcThDD2D0LRMfg4feZ1EIyBvvZ0TAtFFzp09AIVcBVB9caTL%2FNL6sR9HtxGzv5etQm5pwLIM3OCHJOU91DQnUjyPd7C1TLVsq6mbVkAkEKordTlZA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a368539b853ac64-YYZ
access-control-allow-headers: *
expires: Fri, 04 Jul 2025 12:37:48 GMT

GET
H2 200 web-widget-chat-sdk-10f1ab3.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 3399 216 KB
53 KB 44ms
44ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-10f1ab3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 15 Jul 2024 03:03:37 GMT
x-amz-version-id: OAA7Ijfe1b0FAyqq0BG7rtGOthZGm6KT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HGJEVYP29AGQK78C
age: 322075
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: EeO7gTpcuyKSmVJljdrfDJ4Ip3vXE+u9XVkF/ZodahjiBXovjw7sWkic6zZ1wN3Eb5f+Mn1SPC2AREOWm3KOQr/CQ7GJ1kZD
last-modified: Thu, 04 Jul 2024 12:37:47 GMT
server: cloudflare
etag: W/"bf7f24c006f934261d7ff732b528402b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LDcJfL%2FlSXIefb%2BnnPN0zcFFKvwYcpB2ZvQpgyksAtfUb8rUZn6U1VaYLXolxJKWiHMio5R9B0wW%2FWK4jkZTMhoYcBOwcUcaCjMenEbsYzvXzuInnLhSf5dwcBbY8w8rC3Vcw5k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8a36853a08b7ac64-YYZ
access-control-allow-headers: *
expires: Fri, 04 Jul 2025 12:37:46 GMT

OPTIONS
H/1.1 200
OK configuration
apim-taxwallet.azure-api.net/transcripts/institutions/ Frame 0
0 389ms
46ms Preflight 20.72.97.235
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://apim-taxwallet.azure-api.net/transcripts/institutions/configuration?subdomain=newrez
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 20.72.97.235 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,ocp-apim-subscription-key
Access-Control-Request-Method: GET
Origin: https://newrez.taxwallet.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,ocp-apim-subscription-key
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 300
Content-Length: 0
Date: Mon, 15 Jul 2024 03:03:38 GMT
Request-Context: appId=cid-v1:a901ce3d-1f67-4a72-a1f3-2dc8ab73f654

GET
H/1.1 200
OK configuration Show response
apim-taxwallet.azure-api.net/transcripts/institutions/ 122 B
550 B 419ms
419ms XHR
application/json 20.72.97.235
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://apim-taxwallet.azure-api.net/transcripts/institutions/configuration?subdomain=newrez

Requested by

Host: newrez.taxwallet.io
URL: https://newrez.taxwallet.io/assets/index.ac4079cb.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.72.97.235 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

36a6f678ddd72d11a43fd3baa112e1762559cb3d5cd6435262d6da48407993c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: application/json, text/plain, */*
Referer: https://newrez.taxwallet.io/
Authorization: Bearer null
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Ocp-Apim-Subscription-Key: 736af9cdc0dd45d5b62ed85f61f49ae3

Response headers

Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
Date: Mon, 15 Jul 2024 03:03:38 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Request-Context: appId=cid-v1:a901ce3d-1f67-4a72-a1f3-2dc8ab73f654

GET
H/1.1 200
OK favicon.svg
newrez.taxwallet.io/ 5 KB
7 KB 51ms
50ms Other
image/svg+xml 20.119.128.5
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://newrez.taxwallet.io/favicon.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

20.119.128.5 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

6a4c9d77cf69f5bbf96ac3a79afe8733facb5f2e552433a0ab5bf333df8a35ad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://.okta.com/ https://.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://newrez.taxwallet.io/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Mon, 15 Jul 2024 03:03:37 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://*.okta.com/ https://*.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Last-Modified: Mon, 01 Jul 2024 13:32:42 GMT
Referrer-Policy: strict-origin-when-cross-origin
X-Permitted-Cross-Domain-Policies: none
ETag: "0f92226bbcbda1:0"
Expect-CT: max-age=86400, enforce
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml
Permissions-Policy: accelerometer=(self), camera=(self), geolocation=(self), gyroscope=(self), magnetometer=(self), microphone=(self), payment=(self), usb=(self)
Accept-Ranges: bytes
Content-Length: 5154
X-XSS-Protection: 1; mode=block

GET
H2 403 openid-configuration Show response
chl.okta.com/.well-known/ 178 B
450 B 99ms
99ms Fetch
application/json 35.71.178.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chl.okta.com/.well-known/openid-configuration

Requested by

Host: newrez.taxwallet.io
URL: https://newrez.taxwallet.io/assets/index.ac4079cb.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.178.224 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a71a8df23b4ece90e.awsglobalaccelerator.com

Software

nginx /

Resource Hash

9bf8e23a3166377ffd882602e8cecb9b0d9f2234ca64c5cb9fcbb9af86c2933e

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newrez.taxwallet.io/
X-Okta-User-Agent-Extended: okta-auth-js/7.5.1 @okta/okta-react/6.7.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

x-okta-request-id: 9a1d02e4d75e08526702a8896c0c77d5
date: Mon, 15 Jul 2024 03:03:39 GMT
strict-transport-security: max-age=315360000; includeSubDomains
x-content-type-options: nosniff
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://newrez.taxwallet.io
access-control-allow-credentials: true

OPTIONS
H2 200 openid-configuration
chl.okta.com/.well-known/ Frame 0
0 391ms
91ms Preflight
application/octet-stream 35.71.178.224
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://chl.okta.com/.well-known/openid-configuration

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.71.178.224 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a71a8df23b4ece90e.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-okta-user-agent-extended
Access-Control-Request-Method: GET
Origin: https://newrez.taxwallet.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-okta-user-agent-extended
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://newrez.taxwallet.io
access-control-max-age: 3600
content-length: 0
content-type: application/octet-stream
date: Mon, 15 Jul 2024 03:03:39 GMT
server: nginx
strict-transport-security: max-age=315360000; includeSubDomains
vary: Origin
x-okta-request-id: 746dc03473bd4d4ecc322e302a5c105c

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://newrez.taxwallet.io/ Message: The Content-Security-Policy directive 'style-src' contains 'worker-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f16a41f2-97a4-4af7-8659-d90d2d49692d Message: The Content-Security-Policy directive 'style-src' contains 'worker-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://static.zdassets.com/ekr/snippet.js?key=f16a41f2-97a4-4af7-8659-d90d2d49692d Message: The Content-Security-Policy directive 'style-src' contains 'worker-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js(Line 1) Message: Refused to connect to 'https://halcyonstillwaterhelp.zendesk.com/embeddable/config' because it violates the following Content Security Policy directive: "connect-src 'self' https://.okta.com/ https://.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com".
javascript	error	URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js(Line 1) Message: Refused to connect to 'https://halcyonstillwaterhelp.zendesk.com/embeddable/config' because it violates the document's Content Security Policy.
security	error	URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js(Line 1) Message: The Content-Security-Policy directive 'style-src' contains 'worker-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-10f1ab3.js(Line 1) Message: The Content-Security-Policy directive 'style-src' contains 'worker-src' as a source expression. Did you want to add it as a directive and forget a semicolon?
security	error	URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-10f1ab3.js(Line 1) Message: Refused to connect to 'wss://widget-mediator.zopim.com/s/W/ws/fHbPOXHU4fsOAPY-/c/1721012617353' because it violates the following Content Security Policy directive: "connect-src 'self' https://.okta.com/ https://.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com".
network	error	URL: https://chl.okta.com/.well-known/openid-configuration Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob:;script-src-elem 'unsafe-inline' 'self' https://editor.unlayer.com https://static.zdassets.com https://widget-mediator.zopim.com wss://widget-mediator.zopim.com; frame-src 'self' https://editor.unlayer.com blob: data:;img-src 'self' blob: data: https://publicassetstwprod.blob.core.windows.net/ blob: data: https://sttwirsdataprod.blob.core.windows.net/ https://sttwirsdataqa.blob.core.windows.net/; connect-src 'self' https://.okta.com/ https://.taxwallet.io/ https://login.microsoftonline.com/ https://halcyonstillwaterhelp.zendesk.com/* https://apimtw-taxwallet-prod.azure-api.net/ https://apim-taxwallet.azure-api.net/ https://widget-mediator.zopim.com https://taxwallet-idupload.azure-api.net/ https://taxwallet-idupload-prod.azure-api.net/api-tw-idupload/v1/ https://halcyonstillwaterhelp.zendesk.com/api/v2/requests https://ekr.zdassets.com;font-src 'self' https://fonts.gstatic.com/; object-src 'self';base-uri 'self';style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/ worker-src 'self' 'unsafe-inline' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

apim-taxwallet.azure-api.net
chl.okta.com
ekr.zdassets.com
fonts.googleapis.com
newrez.taxwallet.io
static.zdassets.com
104.18.70.113
104.18.72.113
142.250.31.95
20.119.128.5
20.72.97.235
35.71.178.224
12eebba255ce6f856459cab6b183b507be0417a322f46faf7dd71b3c4b0eec27
333101dc7e6ac41496b84ab4e6c449a2b83349c7d4218cc211af3f74a17c311f
36a6f678ddd72d11a43fd3baa112e1762559cb3d5cd6435262d6da48407993c8
379704eab8558405778c606dfd3aa4edc2efe6ce673456f69b742fe744932dcf
470f8f84d745864b30f0f75e80e08d1e9f99492c53fc9538a09db59b57692652
508e7318c46c84d9fd9b56ba90d4493c246088ccd77bdb06009239e3a56dfda9
6a4c9d77cf69f5bbf96ac3a79afe8733facb5f2e552433a0ab5bf333df8a35ad
8caa3b3ec2630f77a22e865988f01fc8e76abb8ca6c288910b93db0d0b806162
9bf8e23a3166377ffd882602e8cecb9b0d9f2234ca64c5cb9fcbb9af86c2933e
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a4bb6462b01cccac0d933139de6e7549d7224ab367d450ed9fc60704792eccfe
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

newrez.taxwallet.io Open in urlscan Pro 20.119.128.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

0 %IPv6

5 Domains

6 Subdomains

6 IPs

2 Countries

2277 kBTransfer

6876 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

0 Cookies

9 Console Messages

Security Headers

Indicators

newrez.taxwallet.io Open in urlscan Pro
20.119.128.5 Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

0 %
IPv6

5
Domains

6
Subdomains

6
IPs

2
Countries

2277 kB
Transfer

6876 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions