irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com Open in urlscan Pro
2606:4700:3036::ac43:ab22 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://943499.aguilarmotorsport.com/5index.php?=cva&
Effective URL:
https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/ir...
Submission: On August 14 via api (August 14th 2023, 11:03:36 pm UTC) from JP — Scanned from JP

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3036::ac43:ab22, located in United States and belongs to CLOUDFLARENET, US. The main domain is irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com.
TLS certificate: Issued by GTS CA 1P5 on July 9th 2023. Valid for: 3 months.

This is the only time irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::ac43:b80f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3036::ac43:ab22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	1

1 2606:4700:3036::ac43:b80f (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

943499.aguilarmotorsport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3036::ac43:ab22 (United States)

ASN13335 (CLOUDFLARENET, US)

irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	alvesgs.com irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com	56 KB
1	aguilarmotorsport.com 1 redirects 943499.aguilarmotorsport.com	587 B
15	2

	Domain	Requested by
15	irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com	irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com
1	943499.aguilarmotorsport.com	1 redirects
15	2

This site contains no links.

Subject Issuer	Validity	Valid
alvesgs.com GTS CA 1P5	`2023-07-09` - `2023-10-07`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313
Frame ID: 963489D9AA3901A9993CC295976EB1FF
Requests: 14 HTTP requests in this frame

Frame: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/saved_resource.htm
Frame ID: 6C6D7A0D25660B55A1B57CB1D895D3E5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Refund Status

Page URL History Show full URLs

https://943499.aguilarmotorsport.com/5index.php?=cva& HTTP 302
https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/index.php?resource_url=https:... Page URL
https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https:... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

56 kB
Transfer

244 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://943499.aguilarmotorsport.com/5index.php?=cva& HTTP 302
https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp Page URL
https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://943499.aguilarmotorsport.com/5index.php?=cva& HTTP 302
https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	index.php Show response irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/ Redirect Chain https://943499.aguilarmotorsport.com/5index.php?=cva& https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofget...	281 B 670 B	684ms 524ms	Document text/html	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a999f36864817154894b2cad26ef162500e331fbd422338f62c77d5ef98ae8a4` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f6cd4eb288734e7-NRT content-encoding br content-type text/html; charset=UTF-8 date Mon, 14 Aug 2023 23:03:32 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cgtFlUQHCQgSLDU0oE1yeMdo8TsYCXUxk6aWaSo5uLVluz6ErYWPG81%2BB9PRqv2Nuv2EEWtJ42lx7kXnJf2ke3XjDdIP5FtwDyo3ZZ8XfVG1fyVtXOYHfJnwR1%2B2H4kWQH6d9h6%2FMNpH%2FSF9L6XJAvCr7lHNm7p%2BHRnpZYrUR6v6PcfXiwYIc9ThTsV0rX1CA1gDnkNLYJE%2F2phnrd5vK5DV0LLAA4Y%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding Redirect headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f6cd4e6dafb2642-NRT content-type text/html; charset=UTF-8 date Mon, 14 Aug 2023 23:03:32 GMT location https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4VMha15XssZCijLLGZa27hDrxMTa0%2BDtI%2FKFK%2Bb9ErSrJER8wDjgjUPsz8LDXVXwhwREuDVSpBdLit%2FCDSjAXx2WZjft8lb1OQqOvsW1eaMcEXBdtUuLhBa7iSRJtpb8bwXqTNXrasCUxqw0yUCFjLhcyIZp%2BK8nDNgP"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	Primary Request home.html Show response irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/	12 KB 4 KB	523ms 522ms	Document text/html	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ad2f435f42c01c935af717382851192b5d51ff23b18ca31ee19bf605a01f3446` Request headers Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f6cd4ee9b0534e7-NRT content-encoding br content-type text/html date Mon, 14 Aug 2023 23:03:33 GMT last-modified Tue, 25 Apr 2023 15:40:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rs68ZetY0Bma9juua77JEbrM4KqG6E0ybX%2B%2BGR%2BTwnuZ9ePQDrlw9FeCQHZPUez6HeSHJhM0VStsdKoh3a9Cd9dTYGgSLf9OnsEM6ugXfRzM1KXC%2Bjs4H8zIhCJoXCxiKhSSQ0Nac%2FK5eMZ6SSHqnHh3kfQFiI2%2BS%2F8oc1eQ8G0M8s0gjoLT6vCezXqya%2FhG9WTD5AVF4JB8Gy43rRyR4dIbSYGKUUQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	200	bootstrap.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	152 KB 24 KB	790ms 788ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/bootstrap.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:34 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2606e-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WxTwWFjEBJulAMVruUdUglhbwPydfsW1%2BZ8kLRub3T%2FSw92FkqRAjsXLKzJz9sgWsiz%2BVolWoLc7Sa9xcFBNQMAAqmAI4r%2FbSPcV5%2BxPN4q81NmKzmqFBv4weUMmSwHzo%2FIeOSwYm7SFMfV2N%2BmUe61GjPUKgSUHII%2F%2FZpwaoPkfSBJEXrWHbR1k4yIGJ%2B7SPWf%2BQ0rW8NiYzc6%2BwD0ozRScTLBKM%2FM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbb8e098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	jquery-ui.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	31 KB 8 KB	529ms 527ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/jquery-ui.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:33 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7d52-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U2a80TPwqnQIegzIC20DK7TR5RNBmrI6KwQELbW1wdJKm4rndyybvNCYjWVJ8xTfKmJQcQYQfknuJFEV60%2BivenvVhl5OsklUEnGPplMj9ce42mtENlIOQl%2F65RR69bmc14e8Zm14gwtdtH4mPD%2BCg5oLSY%2BJP6jxcvewyBuy1tY1FczjA45gBnvlMCK73m59yS8DhgBvZc9iW0Pc9t47k7EL1%2B0b7E%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbb9e098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	irs.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	6 KB 2 KB	525ms 523ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/irs.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:33 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"16ae-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gW3ZYkh%2B9FX4g7F3fxJHJIlvvGnXRRFmSlMxbYTvl5UWQB64jKq8q1Pf6sg5XOldGUyd3ubr0S2sSpg9vXxClpoWHwq2k50ivfhEFQvf%2Ft5UnRr5DqsuTwl0IkIOHtVkaMPsCIJmxGEhB2IsMXDWkcbPg0C4SbNOMd5klLlkXQaG0Vlct%2F%2Fre3NDdfRFTDE1lFOUeWXJaz9PPR%2FecbKnX8gZoAm8Llw%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbbce098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	app.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	9 KB 3 KB	534ms 533ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/app.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:33 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2467-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RR%2B1bEzg2NLYcCQT99G5gMwc48bLv5qSHLbrfN%2FEPx8s86uhHLinxDsPrp00H2KRlXbmcuEy3fPZJPFChbtDmv78Xxenx%2FMKqS9WzP%2BhYAUbaLYp8vGyY3wO1VhchswjwAstB5iii2sDpoBi7S1VhpKv2l9%2FYaSVvOrq5UBOh6ZVjmbWDvH1sg7Afan9egFV2ER4ieSeOuFsOeElAQvGUsTnGSafCKs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbc0e098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	app-error.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	786 B 819 B	534ms 532ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/app-error.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:33 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"312-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RAYeSymlhaFqSKJ5G%2BXkVKToZ3Pk88%2Fr4J7sENC%2B0hDUwlqxmGIl9hzscjNat%2F0TKfRoV%2FILiXVij72PWis3q7rVup%2BLuPKGa%2BfduqJmGL7o5GlkwcOJM47wvMX2fzdwJInjroqmJJg8Ow%2F%2BxB%2FvxlgBs800pCbvw%2BIwpk0F0i0765R9LUf1a%2BnXOY8g0SA0cjHpVPjaZp4O9movKlV1J5VTa96GOew%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbc5e098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	wmsp-shared-secrets.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	3 KB 1 KB	517ms 516ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/wmsp-shared-secrets.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:33 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"cb8-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VBXCI3XIRscPJYb4wJKQ8Uht9KbGUzEKo5%2FMufK%2BKPd7HhaQqKJY279s9X0yxa1Jwn0liKh%2FuCRDZK3xWPkulOg2CQXcDg5HFD%2FyYQ0qkLSEUUB4bTRbLn%2Fmtvd9%2BO57LM7%2FK9tTnKbv1s646rdbGQreAfkp21bH7SnkzuVwhuBao2rY5szx1YLkla20jFiDdww7ShJkOLrpYDeFrfSCknDohb5MvCU%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbc9e098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	wmsp-results.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	2 KB 1 KB	511ms 509ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/wmsp-results.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:33 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"673-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0vV%2BvhT2Qz1pTWO2elw%2BqjZmkwzmt2TXD57L5dtzAc3oFfDxqOblyYJgA5c2yVSVEiMIpQKDnDHFC0n9S%2BROYHj55zj5ArUeuMKbckCIIkWJQfkWC%2F61COmAb5NnJVtli0IvnrWVzuFiqYlr%2F7GftVpvPvhGA7SdDeYIOGr81kGJBGlH6fzDJcM2zAIbAom%2B4Vv1Kwm1boS7Y0Y5s2jVV02SOQCQ7s%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbcbe098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	datepicker.css irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	21 KB 3 KB	532ms 530ms	Stylesheet text/css	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/datepicker.css Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:33 GMT content-encoding br cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"52fc-5e0f61f399f80-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WS%2FzP%2BaCJ2WCloraQw1SA2cSRPp2hi%2B%2FAECws6VmTaik71acivC0VGJXqqzOxtJPqtWgvGv%2Fh%2B7p2cXKfYZrIYWvbkPoCp9b5hyDcyCCOot9bsFzXNhP21q%2BMhkQiOw572lNFnOZhFQaJoPzKhyllEqkXPL%2FAU%2Bx27%2BqBOqT5K7pyT%2FMN%2BJfM%2FoIhqtuWYlWegijVJZc3UUoRn%2FCPNL7KgKvqmI8HSQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7f6cd4f1dbcee098-NRT alt-svc h3=":443"; ma=86400
GET H3	200	logo.png irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	5 KB 5 KB	524ms 524ms	Image image/png	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/logo.png Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:34 GMT cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1220-5e0f61f399f80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuksHUUgzDc%2Bb%2FWSXCFyk3t0VtuEfnv%2FNup%2Bkc5SxgPCFrp8W1RlXRuyMUj4oXGwEzVaHoIhxhp65k2w2bRSZ1Nl4zg9B1pxt%2BEJzqUzhRwaEA4y6kLlmLLgkgJoFQkjZzo0bNuHhZn%2F8OaNu5P2aLwSabRuoKz0SA%2B2icITyTsqjCFXrK9s5CmAS1hxnUe9bWX%2BoY9uVIDL4VqscIplq1PA5vhOSpU%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7f6cd4f53ec6e098-NRT alt-svc h3=":443"; ma=86400 content-length 4640
GET H3	200	irs_horiz_white.png irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/	1 KB 2 KB	514ms 514ms	Image image/png	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/irs_horiz_white.png Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:34 GMT cf-cache-status MISS last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "5da-5e0f61f399f80" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OzXq9MSUID3xE5lfaMe69752F7Sd%2Ba03skCTY9MQtJtv9nzuf%2FA3U5WsWlp0oWE5upRLAurOx9DiP99K4FARUuAKC5TG%2FDEv14OLBwz5Nf8zkONEzDp25gT%2FLumBCIvbDqxnJGXppB7BMRTxWDTlKudHBKMmfLQ2RN609GKaxSYaoWdmhAL7fHDNdnCoqxSRyxupANnhrs4Zqacf0G95shGkkMZlonk%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control max-age=14400 accept-ranges bytes cf-ray 7f6cd4f6c8a1e098-NRT alt-svc h3=":443"; ma=86400 content-length 1498
GET H3	200	saved_resource.htm Show response irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/ Frame 6C6D	313 B 679 B	273ms 272ms	Document text/html	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/saved_resource.htm Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6afaa120b93af4f452d55328c8a2e686ab93ef0e4baa5b049a808d471cb7781f` Request headers Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=51256&session=141313 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 7f6cd4f6d8a8e098-NRT content-encoding br content-type text/html date Mon, 14 Aug 2023 23:03:34 GMT last-modified Wed, 08 Jun 2022 21:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyYT4CCDxFcpfYpNR67McMhzn%2FoNUTJcMHI1kj1x309Si4QcNE77yC8MsTb6JEVE4jlji1DKqg7u84dxL%2B%2FdRIm%2BIBt0cG%2FIxV3UTTVWknQcp0LLFUl8qT%2FKxXld5alc4qGZxu9kY0ajFNk8CkHjA2VnxC3GCQnYKXIq7CUua5Utwt7CQszhqWXTwr8E84hGztYOGEtqC8lCMRK4E7r0azyeKGDs5LQ%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H3	404	swirl_lighter_ca6f4deb.png irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/images/	334 B 334 B	522ms 522ms	Image text/html	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/images/swirl_lighter_ca6f4deb.png Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3f73730d1df561a8c6e203ee1bed5e4b70d6d132694d9d951b63de507503fa6` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44hFxjvtC48GCeolSw7AEDMDXeecNzW1r9XvPyo2xOzXXDpGRbuuqcSrt0pSI7ZI9rcqbZQnddDvd0JKba9%2F4o7eh579duyvwIRpti6BAax3a%2BA%2Fyq%2B5myqgGBlsarUotjIClVTfpdt9%2BfZBo5ZpEgx7CPdnhV%2BxFnfKizu0rmhVqqjQuJ2vawnNSNdJEOM1s3%2BKQyFcefRCagBTmn2f0fm%2B1R7%2BHrQ%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7f6cd4f6d8ace098-NRT alt-svc h3=":443"; ma=86400
GET H3	404	us.png irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/assets/img/	334 B 334 B	521ms 521ms	Image text/html	2606:4700:3036::ac43:ab22 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/assets/img/us.png Requested by Host: irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/app.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3036::ac43:ab22 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3f73730d1df561a8c6e203ee1bed5e4b70d6d132694d9d951b63de507503fa6` Request headers accept-language jp-JP,jp;q=0.9 Referer https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/home_files/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Mon, 14 Aug 2023 23:03:34 GMT content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g6YXDZ1ocg4gJfuICobSR0sRjGtI%2BWALG8H9mjnQxIJaCZ5f6il%2BZ4rrQ4VgReoEFb41XAW1NdJ4g2DX3jFAK8x0Zga9NDwT7rMCahoOWcUG8K7vLpQzcGxszvP4Y1FZ7UvmqwYmjXbglKONSwZnwEQVfSW%2F7x3XP1FhsGlDA5h0NB8Cdaiwa1ARYBUOupZLWnd5viLKnhjQituuRYr6zwLtlsSQ4vc%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=14400 cf-ray 7f6cd4f6d8ade098-NRT alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/assets/img/us.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com/refund-getstatus_IRServlet-form2_irfof-en_lang/images/swirl_lighter_ca6f4deb.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

943499.aguilarmotorsport.com
irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com
2606:4700:3036::ac43:ab22
2606:4700:3036::ac43:b80f
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
6afaa120b93af4f452d55328c8a2e686ab93ef0e4baa5b049a808d471cb7781f
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010
a999f36864817154894b2cad26ef162500e331fbd422338f62c77d5ef98ae8a4
ad2f435f42c01c935af717382851192b5d51ff23b18ca31ee19bf605a01f3446
c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d
c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e
e3f73730d1df561a8c6e203ee1bed5e4b70d6d132694d9d951b63de507503fa6
f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52
fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd

irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com Open in urlscan Pro 2606:4700:3036::ac43:ab22 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

1 IPs

1 Countries

56 kBTransfer

244 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

irs-return_taxtopics-irfofgetstatus_tc1203help-64dab2c41232e.alvesgs.com Open in urlscan Pro
2606:4700:3036::ac43:ab22 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

56 kB
Transfer

244 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!