www.ustaxdefense.org Open in urlscan Pro
172.81.118.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://s3.amazonaws.com/lek3058q9p/QRM8HY2909.html#ZyW!Zomo!Zea/r=W5LHW1CN1GHMW8HMOOWDME12W27OLW0W0W0WPW7MWDWA5W359W5OCNWA
Effective URL:
https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5...
Submission: On October 29 via api (October 29th 2021, 6:28:28 am UTC) from BE — Scanned from DE

Summary HTTP 30 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 30 HTTP transactions. The main IP is 172.81.118.28, located in Los Angeles, United States and belongs to IMH-IAD, US. The main domain is www.ustaxdefense.org.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 19th 2021. Valid for: 3 months.

This is the only time www.ustaxdefense.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	52.217.78.86 52.217.78.86	16509 (AMAZON-02) (AMAZON-02)
1 1	23.234.217.154 23.234.217.154	35916 (MULTA-ASN1) (MULTA-ASN1)
1	207.142.0.202 207.142.0.202	27229 (WEBHOST-ASN1) (WEBHOST-ASN1)
1 1	52.49.188.37 52.49.188.37	16509 (AMAZON-02) (AMAZON-02)
8	172.81.118.28 172.81.118.28	54641 (IMH-IAD) (IMH-IAD)
1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
14	18.66.121.47 18.66.121.47	16509 (AMAZON-02) (AMAZON-02)
1 4	35.172.98.159 35.172.98.159	14618 (AMAZON-AES) (AMAZON-AES)
2	52.222.214.104 52.222.214.104	16509 (AMAZON-02) (AMAZON-02)
30	7

1 52.217.78.86 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.234.217.154 (Canyon Country, United States) 1 redirects

ASN35916 (MULTA-ASN1, US)
PTR: vitalityratio.com

gonelens.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.142.0.202 (United States)

ASN27229 (WEBHOST-ASN1, US)

cosinusline.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.188.37 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-188-37.eu-west-1.compute.amazonaws.com

go.whitehattracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.81.118.28 (Los Angeles, United States)

ASN54641 (IMH-IAD, US)
PTR: ded5652.inmotionhosting.com

www.ustaxdefense.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (Phoenix, United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 18.66.121.47 (United States)

ASN16509 (AMAZON-02, US)

dhozj507pfmqc.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.172.98.159 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-98-159.compute-1.amazonaws.com

api.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.214.104 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-104.fra56.r.cloudfront.net

cdn.trustedform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	cloudfront.net dhozj507pfmqc.cloudfront.net	543 KB
8	ustaxdefense.org www.ustaxdefense.org	380 KB
6	trustedform.com 1 redirects api.trustedform.com cdn.trustedform.com	35 KB
1	jquery.com code.jquery.com	33 KB
1	whitehattracking.com 1 redirects go.whitehattracking.com	2 KB
1	cosinusline.com cosinusline.com	526 B
1	gonelens.com 1 redirects gonelens.com	415 B
1	amazonaws.com s3.amazonaws.com	503 B
30	8

	Domain	Requested by
14	dhozj507pfmqc.cloudfront.net	www.ustaxdefense.org cdn.trustedform.com
8	www.ustaxdefense.org	cosinusline.com www.ustaxdefense.org
4	api.trustedform.com	1 redirects api.trustedform.com cdn.trustedform.com
2	cdn.trustedform.com	www.ustaxdefense.org api.trustedform.com
1	code.jquery.com	www.ustaxdefense.org
1	go.whitehattracking.com	1 redirects
1	cosinusline.com	s3.amazonaws.com
1	gonelens.com	1 redirects
1	s3.amazonaws.com
30	9

This site contains no links.

Subject Issuer	Validity	Valid
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
cosinusline.com R3	`2021-10-03` - `2022-01-01`	3 months	crt.sh
ustaxdefense.org cPanel, Inc. Certification Authority	`2021-08-19` - `2021-11-17`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.trustedform.com Amazon	`2021-10-12` - `2022-11-09`	a year	crt.sh
cdn.trustedform.com Amazon	`2021-05-14` - `2022-06-12`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce
Frame ID: 60F76CFF47BD935E62695E42D1FF6DB8
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

US TAX DEFENSE

Page URL History Show full URLs

https://s3.amazonaws.com/lek3058q9p/QRM8HY2909.html Page URL
http://gonelens.com/ZyW!Zomo!Zea/r=W5LHW1CN1GHMW8HMOOWDME12W27OLW0W0W0WPW7MWDWA5W359W5OCNWA HTTP 302
https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0... Page URL
http://go.whitehattracking.com/aff_c?offer_id=662&aff_id=1852&aff_sub2=623984778&source=350609 HTTP 302
https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id... Page URL

Page Statistics

30
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

992 kB
Transfer

1106 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://s3.amazonaws.com/lek3058q9p/QRM8HY2909.html Page URL
http://gonelens.com/ZyW!Zomo!Zea/r=W5LHW1CN1GHMW8HMOOWDME12W27OLW0W0W0WPW7MWDWA5W359W5OCNWA HTTP 302
https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/25 Page URL
http://go.whitehattracking.com/aff_c?offer_id=662&aff_id=1852&aff_sub2=623984778&source=350609 HTTP 302
https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://gonelens.com/ZyW!Zomo!Zea/r=W5LHW1CN1GHMW8HMOOWDME12W27OLW0W0W0WPW7MWDWA5W359W5OCNWA HTTP 302
https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/25

Request Chain 18

https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636 HTTP 301
https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636

30 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	QRM8HY2909.html Show response s3.amazonaws.com/lek3058q9p/	147 B 503 B	395ms 113ms	Document text/html	52.217.78.86 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://s3.amazonaws.com/lek3058q9p/QRM8HY2909.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.217.78.86 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1.amazonaws.com Software AmazonS3 / Resource Hash `974469cfba3e112fde015949458c651778154a22a8798fea08164702d677c5c4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers x-amz-id-2 K60oxvLv276n3L0SafwpfmZJZN4mQ2ZqRGWTIpTOXT0VcZAeoZe9NL2T0eXjLsLvhkb85Xv/kbk= x-amz-request-id 89RG1MNXFQGFT8MD Date Fri, 29 Oct 2021 06:28:21 GMT Last-Modified Wed, 20 Oct 2021 18:48:40 GMT ETag "3634873cf9caafcfeec67022d4f9ac53" Accept-Ranges bytes Content-Type text/html Server AmazonS3 Content-Length 147
GET H/1.1	200 OK	25 cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/ Redirect Chain http://gonelens.com/ZyW!Zomo!Zea/r=W5LHW1CN1GHMW8HMOOWDME12W27OLW0W0W0WPW7MWDWA5W359W5OCNWA https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/25	157 B 526 B	694ms 317ms	Document text/html	207.142.0.202 WEBHOST-ASN1
General Check archive.org Show headers Download Go to Full URL https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/25 Requested by Host: s3.amazonaws.com URL: https://s3.amazonaws.com/lek3058q9p/QRM8HY2909.html Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 207.142.0.202 , United States, ASN27229 (WEBHOST-ASN1, US), Reverse DNS Software Apache / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://s3.amazonaws.com/lek3058q9p/QRM8HY2909.html#ZyW!Zomo!Zea/r=W5LHW1CN1GHMW8HMOOWDME12W27OLW0W0W0WPW7MWDWA5W359W5OCNWA Response headers date Fri, 29 Oct 2021 06:28:21 GMT content-type text/html; charset=UTF-8 server Apache content-encoding gzip transfer-encoding chunked vary Accept-Encoding Redirect headers Date Fri, 29 Oct 2021 06:28:20 GMT Server Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16 X-Powered-By PHP/5.4.16 location https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/25 Content-Length 0 Keep-Alive timeout=5, max=100 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	Primary Request index.php Show response www.ustaxdefense.org/ Redirect Chain http://go.whitehattracking.com/aff_c?offer_id=662&aff_id=1852&aff_sub2=623984778&source=350609 https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce	9 KB 9 KB	759ms 101ms	Document text/html	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Requested by Host: cosinusline.com URL: https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/25 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `27f6a26dd9f8b5e9694e1bd35d4e5a442e4b988f0e6b2721a03420f421990734` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://cosinusline.com/0/0/0/225f2bdd74459f7810d9803458702261/40529_6336852_13/3943_462031592_0_0_0_3970120_25_2167_104439_6336852_10_265/25 Response headers Date Fri, 29 Oct 2021 06:28:22 GMT Server Apache Keep-Alive timeout=5, max=100 Connection Keep-Alive Transfer-Encoding chunked Content-Type text/html; charset=UTF-8 Redirect headers Server nginx Date Fri, 29 Oct 2021 06:28:21 GMT Content-Type text/html; charset=iso-8859-1 Content-Length 340 Connection keep-alive Cache-Control no-cache, no-store, must-revalidate Expires Sat, 26 Jul 1997 05:00:00 GMT Location https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce P3p CP="NOI CUR OUR NOR INT" Pragma no-cache Tracking_id 10293a3c2c019113ba5afab65485ce X-Robots-Tag noindex, nofollow Access-Control-Allow-Origin * X-Request-Id 19cc70ba2e6bb104db952caf39a8cbb0 Access-Control-Allow-Headers Tune-SDK-Version
GET H/1.1	200 OK	style.css www.ustaxdefense.org/css/	8 KB 8 KB	94ms 93ms	Stylesheet text/css	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/css/style.css Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `3d4219ba46c268a82d95117635a50aca746eec89f71d967955ce3ad640d03e05` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 06:28:22 GMT Last-Modified Wed, 27 Jun 2018 01:43:31 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8202
GET H/1.1	200 OK	responsive.css www.ustaxdefense.org/css/	6 KB 7 KB	93ms 93ms	Stylesheet text/css	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/css/responsive.css Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `3f60cdedb71d6480a9425a3de601c7a0b61933913e24104f874f8c931a1e384e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 06:28:22 GMT Last-Modified Wed, 27 Jun 2018 01:43:37 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 6548
GET H/1.1	200 OK	button.js Show response www.ustaxdefense.org/js/	1 KB 1 KB	186ms 92ms	Script application/javascript	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/js/button.js Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `ec14c2b971443ca7322f04a1b65dc70974ad71f470d4726cea33d482a86215a2` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 06:28:22 GMT Last-Modified Sat, 05 Aug 2017 22:06:37 GMT Server Apache Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 1087
GET H2	200	jquery-latest.min.js Show response code.jquery.com/	94 KB 33 KB	45ms 15ms	Script application/javascript	69.16.175.10 HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-latest.min.js Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 69.16.175.10 Phoenix, United States, ASN20446 (HIGHWINDS3, US), Reverse DNS hwcdn.net Software nginx / Resource Hash `540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 06:28:22 GMT content-encoding gzip last-modified Fri, 24 Oct 2014 00:16:08 GMT server nginx etag "54499a48-1762a" vary Accept-Encoding x-hw 1635488902.dop248.am5.t,1635488902.cds260.am5.hn,1635488902.cds146.am5.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 33202
GET H2	200	us-tax-defense-logo.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	33 KB 33 KB	38ms 10ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/us-tax-defense-logo.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e7ef5da3c7f69950571db2adc0d8ced92038a5901e0097dd789b54d9de1adfcc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 10:30:02 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:07 GMT server Apache age 71899 x-cache Hit from cloudfront content-type image/jpeg x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 33750 x-amz-cf-id s-piLxdSnpsi1Yx0pdWDS86mF6t907U8-p-eGxb1kaghI6pYhYiSnw==
GET H2	200	top-right-logos.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	18ms 18ms	Image image/png	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/top-right-logos.png Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `ad014ff719a6356c0f09bada37ae5d43c836c939938275e943bd27ffcb363d6e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 10:30:02 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Wed, 24 Jul 2019 15:38:26 GMT server Apache age 71900 x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 12249 x-amz-cf-id i091mh_wnfEERgtmHU-8YzPKk1etHmaJxZcG6ewuC7h8scJSQ4xPdA==
GET H2	200	seen-on-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	10ms 10ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/seen-on-bg.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `64bc06c9dc8775903f678cf5602492761161ee981315c188a53200ced5f1442b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 15:18:17 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:06 GMT server Apache age 54605 x-cache Hit from cloudfront content-type image/jpeg x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 12252 x-amz-cf-id i8QpBKQcqyQVpq2bPwnqzBQIJ2nYgjsfwQFjmYk9kJmvoGxVw_Ygvg==
GET H2	200	welcome-left-bg.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	157 KB 158 KB	18ms 18ms	Image image/png	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-left-bg.png Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `de30344e9a5cff6eeb3a4a95fc67158b3b0cf28ede574c109bbec94b564472bf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:44:42 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache age 2620 x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 161081 x-amz-cf-id uKUjEDUk_gCkHF4RquST2AZs-uRfgeKrMscG6ZfB9xeIKIR--OB2HA==
GET H2	200	evaluation-normal-button.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	8 KB 8 KB	12ms 12ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/evaluation-normal-button.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `0b730aa72b4d84271ea7be37cd849e6e54f6fe7eacf5e2c5a993f5e8b65a3ce0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:44:42 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:03 GMT server Apache age 2620 x-cache Hit from cloudfront content-type image/jpeg x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 8051 x-amz-cf-id CGRs6XG3AQMXg80-_LgThQEXt6uppnVxWE8AKP9ps62nVTDVsk73zg==
GET H2	200	welcome-inside-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	2 KB 2 KB	369ms 369ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-inside-bg.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e04902cb8d591b22813f665be2bc146ece30400643efea6f12efc056edad981a` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 06:28:23 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache x-amz-cf-pop FRA60-P2 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 1818 x-amz-cf-id bB7XvMKz5swnX65vlMcQkKL7Yb9Rf2ZKieu8X8HHdzdmYhtXAJ0FIQ==
GET H2	200	welcome-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	82 KB 83 KB	383ms 383ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-bg.jpg Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `a7c84e0797c80785d8123860ed09e1f09efe26488e255475d9ef37f897f0ce43` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 06:28:23 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache x-amz-cf-pop FRA60-P2 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 84378 x-amz-cf-id baLWWsCwC6YSVpToWfjU2oklSzuTsjx70Ci6muvttYvuZkzOOVEgSQ==
GET H2	200	right-arrow.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	2 KB 2 KB	381ms 381ms	Image image/png	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/right-arrow.png Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `c66a78f08a25909a6be6a4b762217eb7a176dd7f5ae7bb20c5807510411b591d` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 06:28:23 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:04 GMT server Apache x-amz-cf-pop FRA60-P2 x-cache Miss from cloudfront content-type image/png accept-ranges bytes content-length 2232 x-amz-cf-id wkYWfn9fuRIuam6mmzxsbdHYmuK3BikmUy0DCR4PjpcC0eMZpvT2bA==
GET H/1.1	200 OK	Lato-Black.ttf www.ustaxdefense.org/	87 KB 88 KB	93ms 92ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Black.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `54db141f62decc2eff9a8fbd6f4abbc168930c87248c5dd15927e2b807b59602` Request headers Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 06:28:22 GMT Last-Modified Sat, 05 Aug 2017 22:06:35 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 89448
GET H/1.1	200 OK	Lato-Italic.ttf www.ustaxdefense.org/	82 KB 82 KB	93ms 92ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Italic.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `216f31d03ced35bd38c606cda5aa23c7fd78688679aec98d19a24cbf7c8912ed` Request headers Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 06:28:22 GMT Last-Modified Sat, 05 Aug 2017 22:06:34 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 83680
GET H/1.1	200 OK	Lato-Bold.ttf www.ustaxdefense.org/	91 KB 91 KB	93ms 92ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Bold.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `ca182edc7135b49762bccd4e05d417abc9168b2ede7433e6f5ab412fa3d4cc8a` Request headers Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 06:28:22 GMT Last-Modified Sat, 05 Aug 2017 22:06:34 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 93224
GET H/1.1	200 OK	Lato-Regular.ttf www.ustaxdefense.org/	94 KB 94 KB	276ms 92ms	Font font/ttf	172.81.118.28 IMH-IAD
General Check archive.org Show headers Download Go to Full URL https://www.ustaxdefense.org/Lato-Regular.ttf Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/css/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 172.81.118.28 Los Angeles, United States, ASN54641 (IMH-IAD, US), Reverse DNS ded5652.inmotionhosting.com Software Apache / Resource Hash `d5d1706afe013adca66defa792ca52bf29be3877c25a8354d20004a2c873c5bf` Request headers Referer https://www.ustaxdefense.org/css/style.css Origin https://www.ustaxdefense.org Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers Date Fri, 29 Oct 2021 06:28:23 GMT Last-Modified Sat, 05 Aug 2017 22:06:34 GMT Server Apache Content-Type font/ttf Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 96044
GET H2	200	bootstrap.js Show response cdn.trustedform.com/ Redirect Chain https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636 https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636	14 KB 6 KB	167ms 140ms	Script application/javascript	52.222.214.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636 Requested by Host: www.ustaxdefense.org URL: https://www.ustaxdefense.org/index.php?offer_id=662&aff_id=1852&sub1=&sub2=623984778&sub3=&transaction_id=10293a3c2c019113ba5afab65485ce Protocol H2 Server 52.222.214.104 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-104.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 06:28:24 GMT content-encoding gzip last-modified Thu, 14 Oct 2021 22:37:01 GMT server AmazonS3 x-amz-cf-pop FRA56-P3 etag W/"676b14012df40978e4f1e696cb3be8f4" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript via 1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront) x-amz-version-id Wukglm8NBgwYNfr9FYt3vY_dbgf_HJ6l x-amz-cf-id ADLnocBjd6ggEXEmF71EZOrOmnV3BsuLicZ9U8vYDvFTeI6q-RUdKg== Redirect headers location https://cdn.trustedform.com:443/bootstrap.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636 date Fri, 29 Oct 2021 06:28:23 GMT server awselb/2.0 content-length 134 content-type text/html
GET H2	200	evaluation-hover-button.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	8 KB 8 KB	110ms 110ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/evaluation-hover-button.jpg Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e5fede04dcf930dd6b36df204b17b3e52738af0636544c17dc0461634c267608` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 06:28:23 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:03 GMT server Apache x-amz-cf-pop FRA60-P2 x-cache Miss from cloudfront content-type image/jpeg accept-ranges bytes content-length 7999 x-amz-cf-id E4d3DLDXeaGoUkd2hbhg8QoriaACvOMMkTtFOXjl2sIEBZbNp6LD1Q==
POST H2	201	certs Show response api.trustedform.com/	475 B 686 B	278ms 94ms	XHR application/json	35.172.98.159 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs Requested by Host: api.trustedform.com URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.98.159 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-98-159.compute-1.amazonaws.com Software Cowboy / Resource Hash `7fd9352f79f7f29b8669edd69708a9960e0e50c83465fd965573a82140187615` Request headers Referer https://www.ustaxdefense.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Oct 2021 06:28:23 GMT server Cowboy content-type application/json; charset=utf-8 access-control-allow-origin * access-control-expose-headers cache-control max-age=0, private, must-revalidate access-control-allow-credentials true content-length 475
GET H2	200	trustedform-1.5.8.js Show response cdn.trustedform.com/	82 KB 29 KB	8ms 7ms	Script application/javascript	52.222.214.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.trustedform.com/trustedform-1.5.8.js Requested by Host: api.trustedform.com URL: https://api.trustedform.com/trustedform.js?provide_referrer=false&field=xxTrustedFormCertUrl&l=16354889029070.8122839991965636 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.214.104 Seattle, United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-214-104.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash `2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers x-amz-version-id srRHaEKZoYw77hmUBlWTeIw_odvirpEk content-encoding gzip last-modified Wed, 01 Sep 2021 19:52:13 GMT server AmazonS3 age 9 etag W/"0ea185cf3ab4939007594db03e431e63" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript via 1.1 54fc556adf6e8c787574c6f132d70179.cloudfront.net (CloudFront) date Fri, 29 Oct 2021 06:28:20 GMT x-amz-cf-pop FRA56-P3 x-amz-cf-id FZPUHA_3HH4tWOy8X6I0PgFf2asQQOsQixWPICPH3naV_pQf8OXdeA==
POST H2	204	snapshot Show response api.trustedform.com/certs/4e6de481462c66af1ed9e30e88231eb4ecfe6432/	0 159 B	94ms 94ms	XHR text/plain	35.172.98.159 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/4e6de481462c66af1ed9e30e88231eb4ecfe6432/snapshot Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.98.159 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-98-159.compute-1.amazonaws.com Software Cowboy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ustaxdefense.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Fri, 29 Oct 2021 06:28:23 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server Cowboy access-control-expose-headers
GET H2	200	us-tax-defense-logo.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	33 KB 33 KB	9ms 8ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/us-tax-defense-logo.jpg Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `e7ef5da3c7f69950571db2adc0d8ced92038a5901e0097dd789b54d9de1adfcc` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 10:30:02 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:07 GMT server Apache age 71900 x-cache Hit from cloudfront content-type image/jpeg x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 33750 x-amz-cf-id HylNOsSl1rLvshoDyYBn3RfZGm-fMiEZ31S7BzC8UDylpNp951nboQ==
GET H2	200	top-right-logos.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	8ms 7ms	Image image/png	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/top-right-logos.png Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `ad014ff719a6356c0f09bada37ae5d43c836c939938275e943bd27ffcb363d6e` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 10:30:02 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Wed, 24 Jul 2019 15:38:26 GMT server Apache age 71901 x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 12249 x-amz-cf-id tqPkBpINApgZSQJmMzgEQP6UPk-rFpuzfXKexXiYKP4IDNR2vRfIfQ==
GET H2	200	seen-on-bg.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	12 KB 12 KB	9ms 8ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/seen-on-bg.jpg Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `64bc06c9dc8775903f678cf5602492761161ee981315c188a53200ced5f1442b` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Thu, 28 Oct 2021 15:18:17 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:06 GMT server Apache age 54606 x-cache Hit from cloudfront content-type image/jpeg x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 12252 x-amz-cf-id 3FpAiL_yGPlzMFelq0rRxIgcNnhN55cWjPpjR5dwbVhbKPfhmNEkWQ==
GET H2	200	welcome-left-bg.png dhozj507pfmqc.cloudfront.net/sites/1002/images/	157 KB 158 KB	9ms 9ms	Image image/png	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/welcome-left-bg.png Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `de30344e9a5cff6eeb3a4a95fc67158b3b0cf28ede574c109bbec94b564472bf` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:44:42 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:09 GMT server Apache age 2621 x-cache Hit from cloudfront content-type image/png x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 161081 x-amz-cf-id ssHHhpvPNe3FHIVa4PsJxwV7hm7Xq-cPPtAAfgYopMVEqRWgGGaPEg==
GET H2	200	evaluation-normal-button.jpg dhozj507pfmqc.cloudfront.net/sites/1002/images/	8 KB 8 KB	9ms 9ms	Image image/jpeg	18.66.121.47 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dhozj507pfmqc.cloudfront.net/sites/1002/images/evaluation-normal-button.jpg Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.121.47 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache / Resource Hash `0b730aa72b4d84271ea7be37cd849e6e54f6fe7eacf5e2c5a993f5e8b65a3ce0` Request headers Accept-Language de-DE,de;q=0.9 Referer https://www.ustaxdefense.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Response headers date Fri, 29 Oct 2021 05:44:42 GMT via 1.1 f884e2c0a4bd6c75faee34aade3f091f.cloudfront.net (CloudFront) last-modified Sat, 05 Aug 2017 22:04:03 GMT server Apache age 2621 x-cache Hit from cloudfront content-type image/jpeg x-amz-cf-pop FRA60-P2 accept-ranges bytes content-length 8051 x-amz-cf-id mQdYmUL-GBJ9xLGHetXwKp9hzYW35EOVyWEjR-a6l38oDyaI0-plOw==
POST H2	204	fingerprints Show response api.trustedform.com/certs/4e6de481462c66af1ed9e30e88231eb4ecfe6432/	0 159 B	93ms 93ms	XHR text/plain	35.172.98.159 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://api.trustedform.com/certs/4e6de481462c66af1ed9e30e88231eb4ecfe6432/fingerprints Requested by Host: cdn.trustedform.com URL: https://cdn.trustedform.com/trustedform-1.5.8.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 35.172.98.159 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-35-172-98-159.compute-1.amazonaws.com Software Cowboy / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://www.ustaxdefense.org/ Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin * date Fri, 29 Oct 2021 06:28:23 GMT cache-control max-age=0, private, must-revalidate access-control-allow-credentials true server Cowboy access-control-expose-headers

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			cosinusline.com/	1970-01-19 23:02:43	Name: uid3285 Value: 623984778-20211029022821-7439465183040a3119f9d97be7a48cbb-

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.trustedform.com
cdn.trustedform.com
code.jquery.com
cosinusline.com
dhozj507pfmqc.cloudfront.net
go.whitehattracking.com
gonelens.com
s3.amazonaws.com
www.ustaxdefense.org
172.81.118.28
18.66.121.47
207.142.0.202
23.234.217.154
35.172.98.159
52.217.78.86
52.222.214.104
52.49.188.37
69.16.175.10
0b730aa72b4d84271ea7be37cd849e6e54f6fe7eacf5e2c5a993f5e8b65a3ce0
216f31d03ced35bd38c606cda5aa23c7fd78688679aec98d19a24cbf7c8912ed
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148
27f6a26dd9f8b5e9694e1bd35d4e5a442e4b988f0e6b2721a03420f421990734
3d4219ba46c268a82d95117635a50aca746eec89f71d967955ce3ad640d03e05
3f60cdedb71d6480a9425a3de601c7a0b61933913e24104f874f8c931a1e384e
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54db141f62decc2eff9a8fbd6f4abbc168930c87248c5dd15927e2b807b59602
64bc06c9dc8775903f678cf5602492761161ee981315c188a53200ced5f1442b
7fd9352f79f7f29b8669edd69708a9960e0e50c83465fd965573a82140187615
974469cfba3e112fde015949458c651778154a22a8798fea08164702d677c5c4
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380
a7c84e0797c80785d8123860ed09e1f09efe26488e255475d9ef37f897f0ce43
ad014ff719a6356c0f09bada37ae5d43c836c939938275e943bd27ffcb363d6e
c66a78f08a25909a6be6a4b762217eb7a176dd7f5ae7bb20c5807510411b591d
ca182edc7135b49762bccd4e05d417abc9168b2ede7433e6f5ab412fa3d4cc8a
d5d1706afe013adca66defa792ca52bf29be3877c25a8354d20004a2c873c5bf
de30344e9a5cff6eeb3a4a95fc67158b3b0cf28ede574c109bbec94b564472bf
e04902cb8d591b22813f665be2bc146ece30400643efea6f12efc056edad981a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5fede04dcf930dd6b36df204b17b3e52738af0636544c17dc0461634c267608
e7ef5da3c7f69950571db2adc0d8ced92038a5901e0097dd789b54d9de1adfcc
ec14c2b971443ca7322f04a1b65dc70974ad71f470d4726cea33d482a86215a2

www.ustaxdefense.org Open in urlscan Pro 172.81.118.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

30 Requests

97 %HTTPS

0 %IPv6

8 Domains

9 Subdomains

7 IPs

2 Countries

992 kBTransfer

1106 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.ustaxdefense.org Open in urlscan Pro
172.81.118.28 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

97 %
HTTPS

0 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

992 kB
Transfer

1106 kB
Size

1
Cookies

30 HTTP transactions
0 data transactions