security-scanner.easytaxagent.xyz Open in urlscan Pro
172.67.191.204 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://security-scanner.easytaxagent.xyz/
Submission: On November 28 via automatic, source certstream-suspicious (November 28th 2024, 5:09:45 pm UTC) — Scanned from DE

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 11 HTTP transactions. The main IP is 172.67.191.204, located in United States and belongs to CLOUDFLARENET, US. The main domain is security-scanner.easytaxagent.xyz.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.

This is the only time security-scanner.easytaxagent.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	172.67.191.204 172.67.191.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.245.46.115 18.245.46.115	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY)
4	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6812:1d77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	6

4 172.67.191.204 (United States)

ASN13335 (CLOUDFLARENET, US)

security-scanner.easytaxagent.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.46.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-46-115.fra56.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.0.176 (San Francisco, United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1d77 (United States)

ASN13335 (CLOUDFLARENET, US)

lottie.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	stripe.com js.stripe.com — Cisco Umbrella Rank: 1073	181 KB
4	easytaxagent.xyz security-scanner.easytaxagent.xyz	201 KB
1	lottie.host lottie.host — Cisco Umbrella Rank: 52193	33 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	451 KB
11	4

	Domain	Requested by
5	js.stripe.com	security-scanner.easytaxagent.xyz js.stripe.com
4	security-scanner.easytaxagent.xyz	security-scanner.easytaxagent.xyz
1	lottie.host	security-scanner.easytaxagent.xyz
1	cdn.jsdelivr.net	security-scanner.easytaxagent.xyz
11	4

This site contains no links.

Subject Issuer	Validity	Valid
security-scanner.easytaxagent.xyz WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-10-30` - `2025-02-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
lottie.host WE1	`2024-10-14` - `2025-01-12`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://security-scanner.easytaxagent.xyz/
Frame ID: 4C0301A743BAAB83F449AE168D00F269
Requests: 9 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-ae30c43fd523949e39262b9598e36df8.html
Frame ID: 1D215143286108B6BFA35F4916BA61D2
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-094b08e1bb3b918a6b2ef0109896e480.html
Frame ID: F97331547F6591CA5A2513E2B9EBF6C0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/link-modal-inner-3c5c89e80af42c303601dc3d46fda692.html
Frame ID: 70F40D2C1DFF829F70C019335C43FED4
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-862b0db1981594665fc9d8d01564b64a.html
Frame ID: 3E5901C28717BE333A682EAE0214458A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Easy Tax Agent

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

11
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

1
Countries

865 kB
Transfer

2749 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
security-scanner.easytaxagent.xyz/ 390 B
921 B 157ms
93ms Document
text/html 172.67.191.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security-scanner.easytaxagent.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb7b663c0872410be3d815344807c73bd8cb016d67ec2acf012394888e50e753

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8e9bf7963abbd271-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 17:09:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZEfY22iK4LNUY3BkfL36jLBphdLYpEKfIEE8tLZdmbVQx2LApMe5vdrt2XGI4KTkEEMzewfjbIY3t%2BwFFZxII0p5JF6pl9exKP%2BnnMU2guc9AfHTIitj%2F4BhYpriy7dkvEYHfpQxjY2hB24XuvJgWtyBDr4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=7423&min_rtt=6258&rtt_var=2728&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4247&recv_bytes=4547&delivery_rate=876&cwnd=12000&unsent_bytes=0&cid=ec8ea445feb9b2c0&ts=96&x=1" cfHdrFlush;dur=0
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H3 200 index-C8BAQXQA.js Show response
security-scanner.easytaxagent.xyz/assets/ 859 KB
193 KB 47ms
46ms Script
application/javascript 172.67.191.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security-scanner.easytaxagent.xyz/assets/index-C8BAQXQA.js

Requested by

Host: security-scanner.easytaxagent.xyz
URL: https://security-scanner.easytaxagent.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b220e5669064d155fa897de02aa480ffc55baa3d0c0d52b4e5c0825372b0cc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://security-scanner.easytaxagent.xyz
Referer: https://security-scanner.easytaxagent.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"ea7c269b78b9779ab93c5c759b1af75f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eQ1Zupuj3TmQG9zizQYgw7Mgo3R4QVD5P5vELTtrqJSnslEhZPePRZv6buYRICYytH%2FYOsUTK6GrRYxvB2a2xAIJmAX9QFd5%2FX4m6YdAWAbs1y0zz5C598R01t3R%2BZpRcVNBHs7y141jTvhXeSfensqITgA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8045&min_rtt=6258&rtt_var=3289&sent=17&recv=13&lost=0&retrans=0&sent_bytes=5238&recv_bytes=4944&delivery_rate=78086&cwnd=12000&unsent_bytes=0&cid=ec8ea445feb9b2c0&ts=157&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 17:09:41 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9bf796ecebd271-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 v3 Show response
js.stripe.com/ 690 KB
181 KB 89ms
10ms Script
text/javascript 18.245.46.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: security-scanner.easytaxagent.xyz
URL: https://security-scanner.easytaxagent.xyz/assets/index-C8BAQXQA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.46.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-46-115.fra56.r.cloudfront.net

Software

Cloudfront /

Resource Hash

74fe0204038008fc63b7f5e2cdc404a8d1d4c6398efa9290486931d2941ad0fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://security-scanner.easytaxagent.xyz/

Response headers

content-encoding: br
etag: W/"ef9b31b63c137d83689e6da09b39a6f0"
age: 54
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
x-cache: Hit from cloudfront
x-amz-cf-id: rMHEfayH9fcGvEnnCzLHVIDGwFMCK5i6D3OVNYJDL99G6C7PR1iHGg==
date: Thu, 28 Nov 2024 17:08:48 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 26 Nov 2024 21:44:41 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31556926; includeSubDomains; preload
cache-control: max-age=60
timing-allow-origin: *
via: 1.1 827d4b9f3280fc9410e1e1ce54fbedda.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA56-P9
server: Cloudfront

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5036b03e41bdca4f75572012702411b08d0dbab8bad592b0fc09ddf2fb1c56a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 250 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3e30bc4874dbc71c0bbeed170eeba90a2a6ce78e73989f637e068509461d607

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H3 200 amex-D0KF3JUc.svg
security-scanner.easytaxagent.xyz/assets/ 5 KB
3 KB 195ms
194ms Image
image/svg+xml 172.67.191.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://security-scanner.easytaxagent.xyz/assets/amex-D0KF3JUc.svg

Requested by

Host: security-scanner.easytaxagent.xyz
URL: https://security-scanner.easytaxagent.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51aafa4967acb06c992d200f666de447d3e5d2ab6068651698f9866954871c3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://security-scanner.easytaxagent.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"2a8a5a6c53c8c075d78afc20a4087c59"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NQF5HKRpNuTCvDXgx9I1ejOB4qs6MZ8S5llkTx6rJyTXweTE7nXKsGuh6Wq8vSpMzBGFD9WvJDCMpbJmJpUzcpsRUPUAC86bg2eKE5lTX1EduSpYGngnVEahQ24YtpDbRuHdl4ph8xeYxqkiqzyF4ZWiMR8%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7744&min_rtt=5987&rtt_var=2083&sent=188&recv=68&lost=0&retrans=0&sent_bytes=207807&recv_bytes=7690&delivery_rate=6427844&cwnd=76800&unsent_bytes=0&cid=ec8ea445feb9b2c0&ts=580&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 17:09:42 GMT
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9bf7989992d271-FRA
access-control-allow-origin: *
server: cloudflare

GET
H2 200 dotlottie-player.wasm Show response
cdn.jsdelivr.net/npm/@lottiefiles/dotlottie-web@0.38.0/dist/ 1 MB
451 KB 71ms
31ms Fetch
application/wasm 2a04:4e42:600::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@lottiefiles/dotlottie-web@0.38.0/dist/dotlottie-player.wasm

Requested by

Host: security-scanner.easytaxagent.xyz
URL: https://security-scanner.easytaxagent.xyz/assets/index-C8BAQXQA.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1fa4cbdbfb498178449bb86ec04400c780ca174d19667305b0f3e27f8aee58c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://security-scanner.easytaxagent.xyz/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"11de55-7VunmxLQO5TfotUzlF5lv057Nqs"
age: 124611
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT
date: Thu, 28 Nov 2024 17:09:41 GMT
content-type: application/wasm
x-served-by: cache-fra-eddf8230026-FRA
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 460740
x-jsd-version: 0.38.0

GET
H2 200 controller-with-preconnect-ae30c43fd523949e39262b9598e36df8.html
js.stripe.com/v3/ Frame 1D21 0
0 49ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-with-preconnect-ae30c43fd523949e39262b9598e36df8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-scanner.easytaxagent.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 39
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 402
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 17:09:41 GMT
etag: "ae30c43fd523949e39262b9598e36df8"
last-modified: Tue, 26 Nov 2024 21:03:10 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 13
x-content-type-options: nosniff
x-request-id: 24d61264-73a3-4209-b3e1-3eb6659d34c3
x-served-by: cache-fra-eddf8230041-FRA

GET
H2 200 elements-inner-card-094b08e1bb3b918a6b2ef0109896e480.html
js.stripe.com/v3/ Frame F973 0
0 10ms
9ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/elements-inner-card-094b08e1bb3b918a6b2ef0109896e480.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-scanner.easytaxagent.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 158581
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 514
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com https://files.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 17:09:41 GMT
etag: "094b08e1bb3b918a6b2ef0109896e480"
last-modified: Tue, 26 Nov 2024 21:03:11 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2480
x-content-type-options: nosniff
x-request-id: 71d102de-3db5-4df9-934d-68bb5840d1ea
x-served-by: cache-fra-eddf8230041-FRA

GET
H2 200 9unK6FhAIV.lottie Show response
lottie.host/647ce511-f2b3-464b-86a4-50a5236fd156/ 32 KB
33 KB 527ms
455ms Fetch
application/zip 2606:4700::6812:1d77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lottie.host/647ce511-f2b3-464b-86a4-50a5236fd156/9unK6FhAIV.lottie
Requested by: Host: security-scanner.easytaxagent.xyz
URL: https://security-scanner.easytaxagent.xyz/assets/index-C8BAQXQA.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1d77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 157e3dd8ed8c4d2491f79cdbab37332790786bc6dbee2ceeb884cfbc0e0d7198

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://security-scanner.easytaxagent.xyz/

Response headers

access-control-max-age: 1800
cf-cache-status: DYNAMIC
etag: "88036a99e1378aef723e3f1f3b5cfb35"
x-amz-version-id: KnDcIUAc9N.Qu2QLDXIlqxaRsnpk12E0
access-control-allow-methods: GET, PUT, POST
x-cache: Miss from cloudfront
x-amz-cf-id: UuHjQHV_7fm-wiYsDuQRfL4L8QXClxcEV2Oh6_7baob1LxeAugmIUw==
date: Thu, 28 Nov 2024 17:09:42 GMT
content-type: application/zip
last-modified: Fri, 22 Nov 2024 02:16:34 GMT
vary: Origin
via: 1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
cf-ray: 8e9bf79a3f65bc03-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 33009
x-amz-cf-pop: FRA60-P1
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 link-modal-inner-3c5c89e80af42c303601dc3d46fda692.html
js.stripe.com/v3/ Frame 70F4 0
0 9ms
8ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/link-modal-inner-3c5c89e80af42c303601dc3d46fda692.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://errors.stripe.com https://api.stripe.com https://merchant-ui-api.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com https://checkout.link.com; img-src 'self' https://js.stripe.com https://q.stripe.com https://b.stripecdn.com; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://security-scanner.easytaxagent.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 10
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=60, stale-while-revalidate=900
content-encoding: br
content-length: 455
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://errors.stripe.com https://api.stripe.com https://merchant-ui-api.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com https://checkout.link.com; img-src 'self' https://js.stripe.com https://q.stripe.com https://b.stripecdn.com; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://errors.stripe.com https://api.stripe.com https://merchant-ui-api.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com https://checkout.link.com; img-src 'self' https://js.stripe.com https://q.stripe.com https://b.stripecdn.com; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 17:09:42 GMT
etag: "3c5c89e80af42c303601dc3d46fda692"
last-modified: Tue, 26 Nov 2024 21:03:24 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 0bcf5508-3856-4377-a0f5-22623bda0702
x-served-by: cache-fra-eddf8230094-FRA

GET
H3 200 favicon.ico
security-scanner.easytaxagent.xyz/ 15 KB
3 KB 46ms
46ms Other
image/vnd.microsoft.icon 172.67.191.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://security-scanner.easytaxagent.xyz/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.191.204 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7582734fb352a631e9175938568c481923a88ff30c796a1224f90d63892dd45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://security-scanner.easytaxagent.xyz/

Response headers

content-encoding: gzip
cf-cache-status: MISS
etag: W/"c0def450e0cf55bb72cc9f0390ba7468"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DnDsll5upMeX0Q9ruflIoVsdUKNr%2F9E3iEXNpFis7c%2BCa1wsvk3tpNO6yCgDB0JaOeUrizH9EozQ7x7b6Z%2FmPZPE%2BbctzFn3aLWtptCfWvNfzJGPVExgPBxk28TvuFcVVn6qZ4E5yTvXtVR%2BeE%2Bjk4phXeg%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7837&min_rtt=5987&rtt_var=1749&sent=192&recv=70&lost=0&retrans=0&sent_bytes=211147&recv_bytes=8105&delivery_rate=16786&cwnd=76800&unsent_bytes=0&cid=ec8ea445feb9b2c0&ts=1192&x=1", cfHdrFlush;dur=0
date: Thu, 28 Nov 2024 17:09:42 GMT
content-type: image/vnd.microsoft.icon
vary: Accept-Encoding
cache-control: public, max-age=14400, must-revalidate
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
cf-ray: 8e9bf79d5e89d271-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 hcaptcha-invisible-862b0db1981594665fc9d8d01564b64a.html
js.stripe.com/v3/ Frame 3E59 0
0 7ms
7ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/hcaptcha-invisible-862b0db1981594665fc9d8d01564b64a.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

QUIC, , AES_256_GCM

Server

151.101.0.176 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-c9CaNu0Ao/y74nxXQJvBiP2xmSOG2ojT9DPS0AX1P6k='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 158594
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control: max-age=31536000
content-encoding: br
content-length: 23922
content-security-policy: base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-c9CaNu0Ao/y74nxXQJvBiP2xmSOG2ojT9DPS0AX1P6k='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 28 Nov 2024 17:09:43 GMT
etag: "7d3281b4598bbd05c7f2de51559b3c57"
last-modified: Tue, 26 Nov 2024 21:03:24 GMT
origin-agent-cluster: ?1
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 4360
x-content-type-options: nosniff
x-request-id: 10dd27b0-1160-4ebf-9cb7-2402169cd6e8
x-served-by: cache-fra-eddf8230094-FRA

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			api2.hcaptcha.com/	1970-01-21 01:20:15	Name: __cflb Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRD1N5vC9eou9o

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
js.stripe.com
lottie.host
security-scanner.easytaxagent.xyz
151.101.0.176
172.67.191.204
18.245.46.115
2606:4700::6812:1d77
2a04:4e42:600::485
157e3dd8ed8c4d2491f79cdbab37332790786bc6dbee2ceeb884cfbc0e0d7198
1fa4cbdbfb498178449bb86ec04400c780ca174d19667305b0f3e27f8aee58c2
51aafa4967acb06c992d200f666de447d3e5d2ab6068651698f9866954871c3d
74fe0204038008fc63b7f5e2cdc404a8d1d4c6398efa9290486931d2941ad0fb
7582734fb352a631e9175938568c481923a88ff30c796a1224f90d63892dd45a
8b220e5669064d155fa897de02aa480ffc55baa3d0c0d52b4e5c0825372b0cc9
cb7b663c0872410be3d815344807c73bd8cb016d67ec2acf012394888e50e753
d5036b03e41bdca4f75572012702411b08d0dbab8bad592b0fc09ddf2fb1c56a
e3e30bc4874dbc71c0bbeed170eeba90a2a6ce78e73989f637e068509461d607

security-scanner.easytaxagent.xyz Open in urlscan Pro 172.67.191.204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

40 %IPv6

4 Domains

4 Subdomains

6 IPs

1 Countries

865 kBTransfer

2749 kBSize

1 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

1 Cookies

Security Headers

Indicators

security-scanner.easytaxagent.xyz Open in urlscan Pro
172.67.191.204 Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

6
IPs

1
Countries

865 kB
Transfer

2749 kB
Size

1
Cookies

11 HTTP transactions
2 data transactions