taxback.allay.co.uk Open in urlscan Pro
3.126.8.154 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://taxback.allay.co.uk/rWAjd2Jwty1L
Submission: On December 02 via manual (December 2nd 2022, 3:20:01 pm UTC) from GB — Scanned from GB

Summary HTTP 13 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 13 HTTP transactions. The main IP is 3.126.8.154, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is taxback.allay.co.uk.
TLS certificate: Issued by R3 on November 29th 2022. Valid for: 3 months.

This is the only time taxback.allay.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
10	3.126.8.154 3.126.8.154		16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a		15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:180e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.139.128.10 151.139.128.10		20446 (STACKPATH...) (STACKPATH-CDN)
13	4

10 3.126.8.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com

taxback.allay.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.128.10 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: map3.hwcdn.net

cdn.mouseflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
10	allay.co.uk taxback.allay.co.uk	319 KB
2	mouseflow.com 1 redirects cdn.mouseflow.com — Cisco Umbrella Rank: 6639	17 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	6 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
13	4

	Domain	Requested by
10	taxback.allay.co.uk	taxback.allay.co.uk
2	cdn.mouseflow.com	1 redirects taxback.allay.co.uk
1	cdnjs.cloudflare.com	taxback.allay.co.uk
1	fonts.googleapis.com	taxback.allay.co.uk
13	4

This site contains links to these domains. Also see Links.

Domain
www.allay.co.uk

Subject Issuer	Validity	Valid
taxback.allay.co.uk R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://taxback.allay.co.uk/rWAjd2Jwty1L
Frame ID: 3A2042700E73CD66416DD14A2F2FC561
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Allay

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

CodeIgniter (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Mouse Flow (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.mouseflow\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

13
Requests

92 %
HTTPS

50 %
IPv6

4
Domains

4
Subdomains

4
IPs

2
Countries

344 kB
Transfer

689 kB
Size

1
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.allay.co.uk/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.allay.co.uk/terms-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://cdn.mouseflow.com/projects/b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef.js HTTP 301
https://cdn.mouseflow.com/projects/b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef_eu.js

13 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request rWAjd2Jwty1L Show response
taxback.allay.co.uk/ 14 KB
5 KB 1313ms
1152ms Document
text/html 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/rWAjd2Jwty1L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 87b26abc26ec7b728cc478c0382a09dd65c266c340a7acdd58bc52d136d09870

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 4397
Content-Type: text/html; charset=UTF-8
Date: Fri, 02 Dec 2022 15:19:55 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 159ms
54ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/rWAjd2Jwty1L

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 02 Dec 2022 15:19:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 02 Dec 2022 14:20:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 02 Dec 2022 15:19:56 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 119ms
43ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/rWAjd2Jwty1L

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:19:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1376012
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NVT8G4K1z5gQD8W9rpFHWkPyVnLUw%2BAN%2BLqk%2FVlLBXw3s25leUXADWdDOWrWH7hGvDm9UOKgpt7mVuO%2FHZloOp46TkDezHczdJbMi2lTqI1GXz8s5VSQ4JGT%2BDcB4gFhYRBaA7L1lSOPYfzk3SksT9QZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 77350b328c5d76d7-LHR
expires: Wed, 22 Nov 2023 15:19:56 GMT

GET
H/1.1 200
OK style.css
taxback.allay.co.uk/assets/css/ 205 KB
33 KB 52ms
51ms Stylesheet
text/css 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/assets/css/style.css?v=162
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/rWAjd2Jwty1L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e90842cfc0e9542c5163b022969d37f8dcf0c4b457a6fdfc43259bcdcc3fe561

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/rWAjd2Jwty1L
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=29030400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 33767
Expires: Sat, 02 Dec 2023 15:19:56 GMT

GET
H/1.1 200
OK jquery.min.js Show response
taxback.allay.co.uk/assets/js/ 85 KB
30 KB 140ms
48ms Script
application/javascript 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/assets/js/jquery.min.js
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/rWAjd2Jwty1L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/rWAjd2Jwty1L
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=29030400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 30147
Expires: Sat, 02 Dec 2023 15:19:56 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
taxback.allay.co.uk/assets/js/ 48 KB
13 KB 141ms
47ms Script
application/javascript 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/assets/js/bootstrap.min.js
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/rWAjd2Jwty1L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d711092840be7b4dcb03497457166764177c1ee6edd4379aac31fef677f1b2f0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/rWAjd2Jwty1L
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=29030400
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 13076
Expires: Sat, 02 Dec 2023 15:19:56 GMT

GET
H/1.1 200
OK allay.svg
taxback.allay.co.uk/assets/images/ 5 KB
2 KB 45ms
45ms Image
image/svg+xml 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taxback.allay.co.uk/assets/images/allay.svg
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/rWAjd2Jwty1L
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 516627a6720d715430c5ed0700fa0e3949d28d81818bb080495a72a66f689724

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/rWAjd2Jwty1L
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=29030400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1852
Expires: Sat, 02 Dec 2023 15:19:56 GMT

GET
H/1.1 200
OK down-shape.svg
taxback.allay.co.uk/assets/images/ 216 B
563 B 45ms
44ms Image
image/svg+xml 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taxback.allay.co.uk/assets/images/down-shape.svg
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/assets/css/style.css?v=162
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 1a67c57adb05e660cc6470699935cf92858075ca839c17cc94884580c12b2f1e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/assets/css/style.css?v=162
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Content-Encoding: gzip
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding,User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=29030400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 191
Expires: Sat, 02 Dec 2023 15:19:56 GMT

GET
H/1.1 200
OK Helvetica-Bold.woff2
taxback.allay.co.uk/assets/fonts/ 106 KB
106 KB 45ms
44ms Font
application/octet-stream 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/assets/fonts/Helvetica-Bold.woff2
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/assets/css/style.css?v=162
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 6d64e6c05d936b2d3768dc47be745a01a44bdf92102eab0226c27960ba2b7daf

Request headers

Referer: https://taxback.allay.co.uk/assets/css/style.css?v=162
Origin: https://taxback.allay.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: User-Agent
Cache-Control: max-age=29030400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 108740
Expires: Sun, 04 Dec 2022 15:19:56 GMT

GET
H/1.1 200
OK ProximaNova-Bold.woff2
taxback.allay.co.uk/assets/fonts/ 26 KB
26 KB 47ms
46ms Font
application/octet-stream 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/assets/fonts/ProximaNova-Bold.woff2
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/assets/css/style.css?v=162
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fbfa829162f30a941f8093b532ad4feb68ef45d0b960f86443c45d33f82af188

Request headers

Referer: https://taxback.allay.co.uk/assets/css/style.css?v=162
Origin: https://taxback.allay.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: User-Agent
Cache-Control: max-age=29030400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 26468
Expires: Sun, 04 Dec 2022 15:19:56 GMT

GET
H/1.1 200
OK Helvetica.woff2
taxback.allay.co.uk/assets/fonts/ 102 KB
102 KB 89ms
45ms Font
application/octet-stream 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/assets/fonts/Helvetica.woff2
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/assets/css/style.css?v=162
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 3482bef4a6d8e161edff43f8db2def925fc2414fbc63d7d36558fb3e993e42b5

Request headers

Referer: https://taxback.allay.co.uk/assets/css/style.css?v=162
Origin: https://taxback.allay.co.uk
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Date: Fri, 02 Dec 2022 15:19:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: User-Agent
Cache-Control: max-age=29030400, private, must-revalidate
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 104520
Expires: Sun, 04 Dec 2022 15:19:56 GMT

GET
H2

200

b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef_eu.js Show response
cdn.mouseflow.com/projects/
Redirect Chain

https://cdn.mouseflow.com/projects/b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef.js
https://cdn.mouseflow.com/projects/b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef_eu.js

60 KB
17 KB

42ms
42ms

Script
application/javascript

151.139.128.10
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mouseflow.com/projects/b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef_eu.js
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/rWAjd2Jwty1L
Protocol: H2
Server: 151.139.128.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: map3.hwcdn.net
Software: /
Resource Hash: 5bd7c2ecb1b595ec8a013b94762133ad5e5641f7e3a1cb00156fbe2631945ec3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://taxback.allay.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:19:56 GMT
content-encoding: gzip
last-modified: Thu, 01 Dec 2022 13:14:04 GMT
server
etag: "9c2c28c9865d91:0"
x-hw: 1669994396.cds002.lo4.hn,1669994396.cds266.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 17418

Redirect headers

date: Fri, 02 Dec 2022 15:19:56 GMT
x-hw: 1669994396.cds002.lo4.hn,1669994396.cds300.lo4.c
location: https://cdn.mouseflow.com/projects/b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef_eu.js
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
x-hw-loc: https://cdn.mouseflow.com/projects/b7b4a0d6-11d7-4ea4-8dd6-4681e59bb4ef.js
content-length: 0

POST
H/1.1 200
OK step-zero-update Show response
taxback.allay.co.uk/ 0
406 B 182ms
163ms XHR
text/html 3.126.8.154
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://taxback.allay.co.uk/step-zero-update
Requested by: Host: taxback.allay.co.uk
URL: https://taxback.allay.co.uk/assets/js/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.126.8.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-8-154.eu-central-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://taxback.allay.co.uk/rWAjd2Jwty1L
X-Requested-With: XMLHttpRequest
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 02 Dec 2022 15:19:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: User-Agent
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5, max=97
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| $ function| jQuery object| bootstrap object| _mfq boolean| mouseflowDisableKeyLogging object| mouseflowHeatmap object| mouseflow

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			taxback.allay.co.uk/	1970-01-20 07:53:21	Name: ci_session Value: 77499vi18ib2kekgroomeg4g8vjf4g3c

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.mouseflow.com
cdnjs.cloudflare.com
fonts.googleapis.com
taxback.allay.co.uk
151.139.128.10
2606:4700::6811:180e
2a00:1450:4001:831::200a
3.126.8.154
1a67c57adb05e660cc6470699935cf92858075ca839c17cc94884580c12b2f1e
3482bef4a6d8e161edff43f8db2def925fc2414fbc63d7d36558fb3e993e42b5
516627a6720d715430c5ed0700fa0e3949d28d81818bb080495a72a66f689724
5bd7c2ecb1b595ec8a013b94762133ad5e5641f7e3a1cb00156fbe2631945ec3
6d64e6c05d936b2d3768dc47be745a01a44bdf92102eab0226c27960ba2b7daf
75b707d8761e2bfbd25fbd661f290a4f7fd11c48e1bf53a36dc6bd8a0034fa35
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87b26abc26ec7b728cc478c0382a09dd65c266c340a7acdd58bc52d136d09870
d711092840be7b4dcb03497457166764177c1ee6edd4379aac31fef677f1b2f0
dda36ab0dda2b7ba616e824e0dd455eb222bf9fee24984c74e19df9fa962758e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e90842cfc0e9542c5163b022969d37f8dcf0c4b457a6fdfc43259bcdcc3fe561
fbfa829162f30a941f8093b532ad4feb68ef45d0b960f86443c45d33f82af188