comcontactinquiryid0076da1b064d4ef098daed190f03896f.info
Open in
urlscan Pro
162.240.163.214
Malicious Activity!
Public Scan
URL:
https://comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/form/personal
Submission: On May 14 via automatic, source phishtank — Scanned from DE
Submission: On May 14 via automatic, source phishtank — Scanned from DE
Summary
This website contacted 2 IPs
in 2 countries
across 2 domains to perform 14 HTTP transactions.
The main IP is 162.240.163.214, located in
United States and
belongs to UNIFIEDLAYER-AS-1, US.
The main domain is comcontactinquiryid0076da1b064d4ef098daed190f03896f.info.
TLS certificate: Issued by R3 on May 11th 2024. Valid for: 3 months.
This is the only time comcontactinquiryid0076da1b064d4ef098daed190f03896f.info was scanned on urlscan.io!
TLS certificate: Issued by R3 on May 11th 2024. Valid for: 3 months.
This is the only time comcontactinquiryid0076da1b064d4ef098daed190f03896f.info was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: IRS (Government)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 13 | 162.240.163.214 162.240.163.214 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81d::200a | 15169 (GOOGLE) (GOOGLE) | |
| 14 | 2 |
13
162.240.163.214
(United States)
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-163-214.unifiedlayer.com
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-163-214.unifiedlayer.com
| comcontactinquiryid0076da1b064d4ef098daed190f03896f.info |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 13 |
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info |
77 KB |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 380 |
33 KB |
| 14 | 2 |
| Domain | Requested by | |
|---|---|---|
| 13 | comcontactinquiryid0076da1b064d4ef098daed190f03896f.info |
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info
|
| 1 | ajax.googleapis.com |
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info
|
| 14 | 2 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.irs.gov |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| comcontactinquiryid0076da1b064d4ef098daed190f03896f.info R3 |
2024-05-11 - 2024-08-09 |
3 months | crt.sh |
| upload.video.google.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/form/personal
Frame ID: F6B76204192B06AC33BB94C02A991488
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
Get My PaymentDetected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
URL: https://www.irs.gov/covid-app-faq-1
Title: Frequently Asked Questions
Title: Frequently Asked Questions
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
14 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
personal
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/form/ |
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.1/ |
94 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.min.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
152 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui.min.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
31 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
irs.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
app-error.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
786 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wmsp-shared-secrets.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wmsp-results.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
datepicker.css
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/css/ |
21 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
logo.png
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/img/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
irs_horiz_white.png
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/img/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
us.png
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/img/ |
19 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favicon.ico
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info/assets/img/ |
4 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: IRS (Government)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| isInteger0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | DENY |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
comcontactinquiryid0076da1b064d4ef098daed190f03896f.info
162.240.163.214
2a00:1450:4001:81d::200a
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
072e57699c75dba5e2b7ee44bb8023b0db97ee476edd4c2b863369791e4940e8
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6d63881e43e08ef385e6c809b43b2b289a459fb2f30d5159000e2477d776b456
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010
c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d
c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c
c9689391c6665ce5ff2b4f8eb3800688a5583f8ebfe67fc2dc622504a3fc40dc
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
e2a82173e0e65eefeb0ad04c62d3c8fe8d6d2ddd8cf7d40bb4fafeeaa6be7631
fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd