sa.www4.irs.gov
Open in
urlscan Pro
2600:1401:4000:1a3::1301
Public Scan
Submission Tags: falconsandbox
Submission: On September 05 via api from US
Summary
TLS certificate: Issued by Entrust Certification Authority - L1K on December 4th 2019. Valid for: 2 years.
This is the only time sa.www4.irs.gov was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
15 | 2600:1401:400... 2600:1401:4000:1a3::1301 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 2600:1400:d:2... 2600:1400:d:2a0::f50 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
5 | 52.222.34.48 52.222.34.48 | 8987 (AMAZON EX...) (AMAZON EXPANSION) | |
4 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:ba81 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:809::200e | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82a::200e | 15169 (GOOGLE) (GOOGLE) | |
27 | 6 |
ASN8987 (AMAZON EXPANSION, IE)
PTR: ec2-52-222-34-48.us-gov-west-1.compute.amazonaws.com
connect.irs.gov |
ASN20940 (AKAMAI-ASN1, NL)
p11.techlab-cdn.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
21 |
irs.gov
1 redirects
sa.www4.irs.gov www.irs.gov connect.irs.gov |
263 KB |
4 |
techlab-cdn.com
p11.techlab-cdn.com |
58 KB |
3 |
google-analytics.com
www.google-analytics.com |
20 KB |
27 | 3 |
Domain | Requested by | |
---|---|---|
15 | sa.www4.irs.gov |
sa.www4.irs.gov
|
5 | connect.irs.gov |
sa.www4.irs.gov
|
4 | p11.techlab-cdn.com |
sa.www4.irs.gov
|
3 | www.google-analytics.com |
sa.www4.irs.gov
|
1 | www.irs.gov | 1 redirects |
27 | 5 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.irs.gov |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sa.www4.irs.gov Entrust Certification Authority - L1K |
2019-12-04 - 2022-03-03 |
2 years | crt.sh |
connect.irs.gov Entrust Certification Authority - L1K |
2020-12-08 - 2021-12-14 |
a year | crt.sh |
go.chameleonx.com DigiCert SHA2 Secure Server CA |
2020-12-24 - 2022-01-03 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-08-16 - 2021-11-08 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://sa.www4.irs.gov/eauth/pub/es_icce.jsp
Frame ID: 3C8838CF072F8F2056EE0AA914B5C97F
Requests: 27 HTTP requests in this frame
Frame:
https://connect.irs.gov/system/templates/chat/egain-docked-chat.js
Frame ID: F789AE5BD54AB0E1C59C6FCDB27CA1E1
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Expectation Setting: ICCEDetected technologies
Google Analytics (Analytics) ExpandDetected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Help
Search URL Search Domain Scan URL
Title: IRS Privacy Policy
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://www.irs.gov/tdcoffers.js HTTP 302
- https://connect.irs.gov/system/web/custom/offers/custoffers.js
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
es_icce.jsp
sa.www4.irs.gov/eauth/pub/ |
193 KB 105 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles-nonie-1024.css
sa.www4.irs.gov/eauth/pub/common/styleSheets/ |
34 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
password-feedback-styles-nonie-1024.css
sa.www4.irs.gov/eauth/pub/common/styleSheets/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
table.css
sa.www4.irs.gov/eauth/pub/common/styleSheets/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
afcfa8383caceaaa7f245fa2cebd5a11630011008c0e
sa.www4.irs.gov/public/ |
139 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga6.js
sa.www4.irs.gov/eauth/pub/common/scripts/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custoffers.js
connect.irs.gov/system/web/custom/offers/ Redirect Chain
|
642 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alerts.jsp
sa.www4.irs.gov/eauth/pub/common/scripts/ |
27 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
constants.js
sa.www4.irs.gov/eauth/pub/common/scripts/ |
24 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tools.js
sa.www4.irs.gov/eauth/pub/common/scripts/ |
97 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
sa.www4.irs.gov/eauth/pub/common/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
button_yes.jpg
sa.www4.irs.gov/eauth/pub/common/images/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
button_no.jpg
sa.www4.irs.gov/eauth/pub/common/images/ |
3 KB 3 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
BWw
sa.www4.irs.gov/BblA38J1u-Ui25RhAA/Dia3DJwXipS7/VCFqBwNIMAE/HydVcgNM/ |
77 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65319_1825232221.js
p11.techlab-cdn.com/e/ |
56 KB 19 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65257_1825232190.js
p11.techlab-cdn.com/e/ |
14 KB 6 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64885_1825232283.js
p11.techlab-cdn.com/e/ |
4 KB 2 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
65226_1825232252.js
p11.techlab-cdn.com/e/ |
69 KB 31 KB |
Fetch
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-29 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 882 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-29 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
offers.js
connect.irs.gov/system/web/view/offers/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
egain-chat.js
connect.irs.gov/system/templates/chat/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
BWw
sa.www4.irs.gov/BblA38J1u-Ui25RhAA/Dia3DJwXipS7/VCFqBwNIMAE/HydVcgNM/ |
18 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
420 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
egain-docked-chat.js
connect.irs.gov/system/templates/chat/ Frame F789 |
53 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Offers.egain
connect.irs.gov/system/ |
957 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
BWw
sa.www4.irs.gov/BblA38J1u-Ui25RhAA/Dia3DJwXipS7/VCFqBwNIMAE/HydVcgNM/ |
18 B 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
238 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| jQuery number| ___dm function| ___dto string| url undefined| search_url_path function| gaError string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData string| OFFER_SERVER object| eCUSTOFRElement object| eCUSTCHATJSElement object| alerts boolean| canSubmit boolean| hasSuccessfullyEnteredPassword1 boolean| hasAttemptedValidateMatchingPassword boolean| hasVisitedSSN1 boolean| hasVisitedSSN2 number| sharedSecretCount string| actDefault string| emailAddr object| emailPattern object| sitePhrasePattern object| passwordPattern object| illegalPasswordPattern object| ssnFormatPattern object| nonDigitPattern object| confCodePattern object| confCodeSplitPattern object| actCodePattern object| secCodePattern string| noCookieMsg string| warningMsg string| warningMsg2 object| confCodeLens object| browsers string| userAgent boolean| isIE boolean| isIE11Plus boolean| isOpera boolean| isFirefox boolean| isSafari boolean| isChrome string| pathURL string| pathPubURL string| pathScriptsURL string| pathStylesURL string| pathJSPFURL string| pathRegURL string| pathErrorURL string| pathHelpURL string| pathSecureURL string| pathBlockURL string| pathHomeURL string| pathLandingURL string| pathProfileURL string| validateURLFailURL string| id_proofingImg01HTML string| id_proofingImg02HTML string| pfAriaDescribedByAttrVal object| passwordRulesLineItemImgHTMLArray boolean| hasCheckedSiteKey number| site_key boolean| isProfileURL number| page boolean| hasDisabledIndChecked object| siteKeyIndexTable object| randomSiteImgArray object| hiddenSiteImageSequenceNumberArray object| numericalLanguageArray object| cc_type object| countries object| days object| months object| states function| load function| openExternalLink function| getFormElementArray function| getFormElementObject function| getInputTextObject function| getNameRegex function| getNextFormElement function| getPageNumber function| getPasswordRules function| getQueryStringDictionary function| getQueryStringVal function| getVersionMatches function| setIsIE function| setIsIE11Plus function| randomize function| containsIllegalCharacter function| containsSpace function| containsSpecialCharacter function| containsSSN function| hasCSS function| hasDetectedBackspaceKey function| hasDetectedBackspaceKeySSN function| hasNonQuirksMeta function| isNotDeleteKey function| isNullOrEmpty function| isValidActCode function| disableElementName function| disableElement function| enableElementName function| enableElement function| isElementNameEnabled function| isElementEnabled function| isValidated function| isValidBankAccount function| isValidCode function| isValidConfirmationCode function| isValidFullConfirmationCode function| isValidConfirmPassword function| isValidCreditCard function| isValidEmailPhrase function| isValidMobile function| isValidName function| isValidPassword function| isValidRouting function| isValidSecCode function| isValidSecondaryEmail function| isValidSitePhrase function| isValidSSN function| isValidSSNLast4 function| isValidTOTPSecCode function| isValidURL function| isValidUserID function| willAddFocusIndicator function| addCCDash function| addCCDashLast8 function| addConfirmationCodeDash function| addEvent function| addEventSelectivelyToTextFields function| addEventToTextFields function| addListener function| addPhoneChars function| addSSNDash function| addVisualFocusIndicator function| adjustErrorMessage function| autoWidth function| adjustHeight function| backButtonOverride function| backButtonOverrideBody function| changeInputType function| changeTitle function| combineSSN function| createHiddenElement function| disableRequired function| displayArrayAsHTMLDropdown function| displayDaysArrayAsHTMLDropdown function| displayNextFieldId function| displaySuccessWindow function| displaySuccessWindowChangePassword function| doMask function| doMaskSSN function| emptySSNFields function| emptySSNHiddenFields function| eventHandler function| eventRadioHandler function| formatCode function| formatPhoneNumeric function| handleEnter function| handleHTML5InputTypes function| handleRadioEnter function| handleWillRememberDevice function| hideLabel function| initializeSSNForm function| keys function| linkStyleChanger function| makeEditable function| parsePhone function| performAllMasking function| performMasking function| populateDaysArray function| populateFormObject function| produceSharedSecretsDropdownHTML function| redirectFromChangePasswordSuccessPopup function| redirectFromChangePasswordSuccessPopup1 function| redirectFromResetPasswordSuccessPopup function| reformatSSN function| replaceNumericalSSN function| replaceSSN function| rePopulate function| retrieveHasReturned function| ssnChange function| ssnJump function| ssnRemoveNonDigits function| successWindowDisplayAction function| toggleYearFieldDisplay function| validateFullConfirmationCode function| validateRegEx function| validateNonEmpty function| validateURLAction function| getPhoneRegex function| validatePhone function| formatPhone function| moveToNextElemIfFull function| isElementFull function| isUserEditing function| toggle_visibility function| backClicked function| clearSSN function| cancelClicked function| cnclClicked function| isInt function| wait object| _ac object| _cf object| bmak number| bm_counter object| bm_script undefined| scripts string| bm_url object| url_split string| obfus_state_field string| state_field_str string| _sd_trace function| op function| eGOFROnLoad object| EGAINOFFERS function| eGOFRPatternStore object| egainDockChat4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.irs.gov/ | Name: _gid Value: GA1.2.999514077.1630874638 |
|
.irs.gov/ | Name: _gat Value: 1 |
|
.irs.gov/ | Name: _ga Value: GA1.2.2028864661.1630874638 |
|
.sa.www4.irs.gov/ | Name: akaalb_sa_eauth_alb Value: 1630875537~op=ALB_SA_EAUTH:SA_Origin_DCS|~rv=51~m=SA_Origin_DCS:0|~os=850f67b9c612bad1bf84b6b3a1b0f61e~id=df199e9836b0b9e9703591231313f095 |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.irs.gov
p11.techlab-cdn.com
sa.www4.irs.gov
www.google-analytics.com
www.irs.gov
2600:1400:d:2a0::f50
2600:1401:4000:1a3::1301
2a00:1450:4001:809::200e
2a00:1450:4001:82a::200e
2a02:26f0:6c00::210:ba81
52.222.34.48
001218b0c8032fd206300217586f7bf0bda6b70458231ac9f9f166460857496f
01fc73cda1cfec585350c5192d95a79c978f6489474ae13782696f164b578310
0b612f32a5ea492a7975ed975b6470c279f280a04ac4de1d027afe1c1e5923bb
2281bceeaf3c81dc26731248960c8d210a0d461a02759c39b7a7b6c5ee1e06a0
27ad5be4102ef88add12d3ed9fcd75d69102343ed22f9538ea6d7b19ad9f7f5d
29837a520cb34c9eb9a4b198d68842f370995c4fa1b3415b625c3737bb8cbbc6
2be3b38d08ee42e465df6f396db597546f9ab8d8c334e326d8a6d66a18f5a046
30e2a68237bb95c4873a3edcc6c0ec402dd1e025e29755bd30629d88b06323ca
3dc7926bf503ebf971d4ba356303a8d56d1d05563d49598e5d3bbda457e8082b
71627e2e1ffaf3ec953e63927c4d18986236126cc6efd21ca670de7a5b186ea1
72667f8da6f63197e092832b2028a562ecfd78a599848ed873d3bd24dd3a7725
74c161b1713fc0fec6f54f1d5d6d7ffc73b8b22dba20eed4d05329985f44fb11
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
7fe83b2a2a1ae9ad497d13e1ce081cda73dc1cedeef4aaeef70076aaa756941f
82c54fc0f123e80a4791ea2a8348812e073cbda81f8f45ea4ebcd4c381fe2827
852bbf67c9988f8ed7e43118f914e581efb96fa4eb6d06eaf626672df92ce5fe
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
b831fccf6dfafa26d4eb3d51369ed026b733dbfd7850217b15511e1266d96115
c90e6d0f2fc077e47949e56b0221636284c62697a133dd7fcf92ae0020e2c23b
dec94add58bdbd142ba96fa9edb4559e561ae89843ee770b03f8c3708bde715e
e0916afbe5f8291168214915bcea9bc411678257222ea7c7ea0d075fc9eb8c4b
eb2f73d74c12297bbef8a05f74ef6f8ca5c33631c35eaf7ce4429ea40b8eb196
f5d343450110d5931fea0b5992e3de5b47ebb93c0ddd229db45ea2a9d82006f3
fcd6acab1a311e89ae1aef024707e986871eff4071c584de3e93970c5fc4a23d
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ff029846be7931c7b35135b46c4a27a8436b3a987cc60a5352c325650a969c72