www.gldesarrollos.com Open in urlscan Pro
107.161.180.2  Malicious Activity! Public Scan

83 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request index-2.php Show response www.gldesarrollos.com/can/irs/	120 KB 15 KB	642ms 144ms	Document text/html	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash cf403794c580b89b21ebd2d23c03aed699beeb8b05b07de05c2fb6c2b8ae8143 Request headers Host www.gldesarrollos.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:47 GMT Server Apache mod_bwlimited/1.4 Vary Accept-Encoding,User-Agent Content-Encoding gzip Content-Length 15251 Keep-Alive timeout=20 Connection Keep-Alive Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	css_q0rtixjfruhprvdu_89jpcc8s5gbyzjb83cknkjzueo.css www.gldesarrollos.com/can/irs/css/	263 KB 41 KB	138ms 137ms	Stylesheet text/css	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/css/css_q0rtixjfruhprvdu_89jpcc8s5gbyzjb83cknkjzueo.css Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 5e750e529ffec6790e83f426e70cf94bcbc5df16946dd0f7a1c838f9bd6151be Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Content-Encoding gzip Last-Modified Sat, 25 Jul 2020 06:08:38 GMT Server Apache mod_bwlimited/1.4 ETag "682028-41b0f-5ab3deb9f6580-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 41415
GET H/1.1	200 OK	css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css www.gldesarrollos.com/can/irs/css/	325 KB 49 KB	226ms 142ms	Stylesheet text/css	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/css/css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 447b3923360ae2b506f12fcaecc085830058e07d6def1238759d12e4a76baec8 Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Jul 2020 15:42:16 GMT Server Apache mod_bwlimited/1.4 ETag "682029-514e2-5ab6e2ac72600-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 49515
GET H/1.1	200 OK	css_euku7vgd4rhx2lr863i2x_risbfrdjtnq8dwky-nbya.css www.gldesarrollos.com/can/irs/css/	189 KB 17 KB	384ms 135ms	Stylesheet text/css	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/css/css_euku7vgd4rhx2lr863i2x_risbfrdjtnq8dwky-nbya.css Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 7d3befbdea3d1b4e4671a1437ae3e5456f25780b5eb9e5a2ba1c27fd24c1e75e Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Jul 2020 15:45:42 GMT Server Apache mod_bwlimited/1.4 ETag "682026-2f4ad-5ab6e370e7580-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 16844
GET H2	200	IRS-Logo.svg www.irs.gov/themes/custom/pup_base/	14 KB 6 KB	505ms 87ms	Image image/svg+xml	2600:1400:d:2a0::f50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.irs.gov/themes/custom/pup_base/IRS-Logo.svg Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 3536108234988f9febfce80ca86c2fd44acc995593240c0e9e30399f46b27087 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 8, 8 date Tue, 28 Jul 2020 16:42:48 GMT content-encoding br x-content-type-options nosniff x-edgeconnect-midmile-rtt 1, 5 status 200 server-timing cdn-cache; desc=HIT, edge; dur=1 x-ah-environment prod content-length 5582 x-request-id v-129845f4-ce3d-11ea-9996-4fa58ff2d774 accept-ranges bytes last-modified Sat, 25 Jul 2020 06:08:33 GMT strict-transport-security max-age=31536000 content-type image/svg+xml expires Wed, 29 Jul 2020 16:42:48 GMT cache-control max-age=86400 x-age 0 x-cache-hits 4
GET H2	200	logo-print.svg www.irs.gov/themes/custom/pup_irs/images/	5 KB 2 KB	510ms 92ms	Image image/svg+xml	2600:1400:d:2a0::f50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.irs.gov/themes/custom/pup_irs/images/logo-print.svg Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 66466573e4c2cffdc636e13e76758dcf83f0ce235083c2098ad471cf419481d8 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 28 Jul 2020 16:42:48 GMT content-encoding br x-content-type-options nosniff status 200 server-timing cdn-cache; desc=HIT, edge; dur=1 x-ah-environment prod content-length 1822 x-request-id v-128789ee-ce3d-11ea-8a88-cfce1e0815a6 accept-ranges bytes last-modified Sat, 25 Jul 2020 06:09:38 GMT strict-transport-security max-age=31536000 content-type image/svg+xml expires Wed, 29 Jul 2020 16:42:48 GMT cache-control max-age=86400 x-age 0 x-cache-hits 8
GET H/1.1	200 OK	css_qolyodnv7f_tehqftl2gdym_co3uv1t6msa-tzmul_e.css www.gldesarrollos.com/can/irs/css/	3 KB 1 KB	379ms 126ms	Stylesheet text/css	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/css/css_qolyodnv7f_tehqftl2gdym_co3uv1t6msa-tzmul_e.css Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 4282d839d355edffd37a141fb4bda07589bf0a8dd45754fa9ac6beb599942ff1 Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Content-Encoding gzip Last-Modified Mon, 27 Jul 2020 15:43:58 GMT Server Apache mod_bwlimited/1.4 ETag "68202a-bb8-5ab6e30db8b80-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 1111
GET H2	200	irs_horiz-01.svg www.irs.gov/themes/custom/pup_base/images/	5 KB 2 KB	431ms 98ms	Image image/svg+xml	2600:1400:d:2a0::f50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.irs.gov/themes/custom/pup_base/images/irs_horiz-01.svg Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 479648e7377a076e81875f41d82ac6b831c910e25ca85f8a2076110d09876184 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers x-edgeconnect-origin-mex-latency 8 date Tue, 28 Jul 2020 16:42:48 GMT content-encoding br x-content-type-options nosniff x-edgeconnect-midmile-rtt 2 status 200 server-timing cdn-cache; desc=HIT, edge; dur=1 x-ah-environment prod content-length 1991 x-request-id v-1f58d0e4-ce36-11ea-898f-cbd370086a05 accept-ranges bytes last-modified Sat, 25 Jul 2020 06:08:00 GMT strict-transport-security max-age=31536000 content-type image/svg+xml expires Wed, 29 Jul 2020 16:42:48 GMT cache-control max-age=86400 x-age 2985 x-cache-hits 5
GET H2	200	irs_horiz_logo.svg www.irs.gov/pub/	10 KB 3 KB	437ms 104ms	Image image/svg+xml	2600:1400:d:2a0::f50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://www.irs.gov/pub/irs_horiz_logo.svg Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 7681e2233b40354b5f1e6d3b8322221bfc5db8e593a5ec9c2d48e08aac6a05f1 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 28 Jul 2020 16:42:48 GMT content-encoding br x-content-type-options nosniff status 200 server-timing cdn-cache; desc=HIT, edge; dur=1 x-ah-environment prod content-length 2292 x-request-id v-1f605fb2-ce36-11ea-bca0-bb3dfb18de15 accept-ranges bytes last-modified Sat, 25 Jul 2020 06:08:00 GMT strict-transport-security max-age=31536000 content-type image/svg+xml expires Wed, 29 Jul 2020 16:42:48 GMT cache-control max-age=86400 x-age 2985 x-cache-hits 5
GET H/1.1	200 OK	jquery.min-2.js Show response www.gldesarrollos.com/can/irs/js/	82 KB 29 KB	298ms 134ms	Script application/javascript	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/js/jquery.min-2.js Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4 Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Content-Encoding gzip Last-Modified Tue, 03 Mar 2020 19:15:00 GMT Server Apache mod_bwlimited/1.4 ETag "6a1a41-14915-59ff81ebd9500-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 29497
GET H/1.1	200 OK	jquery.mask.js Show response www.gldesarrollos.com/can/irs/js/	23 KB 6 KB	295ms 128ms	Script application/javascript	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/js/jquery.mask.js Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8 Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Content-Encoding gzip Last-Modified Tue, 24 Mar 2020 14:30:46 GMT Server Apache mod_bwlimited/1.4 ETag "6a1a3f-5a88-5a19a98e91180-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 5877
GET H/1.1	200 OK	jquery.maskMoney.js Show response www.gldesarrollos.com/can/irs/js/	24 KB 5 KB	216ms 128ms	Script application/javascript	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Full URL https://www.gldesarrollos.com/can/irs/js/jquery.maskMoney.js Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 9a8a76e6244806d99c536173c4f43d487bfe9e8cf29340b94c2e6109d3eed412 Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Content-Encoding gzip Last-Modified Tue, 05 Sep 2017 15:16:48 GMT Server Apache mod_bwlimited/1.4 ETag "6a1a40-61ae-55872b747b800-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 4976
GET H2	200	jquery-ui.js Show response code.jquery.com/ui/1.12.1/	509 KB 122 KB	25ms 8ms	Script application/javascript	2001:4de0:ac19::1:b:1b HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.js Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac19::1:b:1b , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d Request headers Referer https://www.gldesarrollos.com/can/irs/index-2.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Tue, 28 Jul 2020 16:42:47 GMT content-encoding gzip last-modified Wed, 14 Sep 2016 16:34:16 GMT server nginx status 200 etag W/"57d97c08-7f20a" vary Accept-Encoding x-hw 1595954567.dop206.fr8.t,1595954567.cds281.fr8.hc,1595954567.cds269.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 124434
GET H/1.1	200 OK	official-site-flag.png www.gldesarrollos.com/can/irs/png/	4 KB 4 KB	128ms 126ms	Image image/png	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Show image Full URL https://www.gldesarrollos.com/can/irs/png/official-site-flag.png Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 2aed0559ebb58b74e1ae783ef624dbbc9f70390a2648dc1787af6c68122ec510 Request headers Referer https://www.gldesarrollos.com/can/irs/css/css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Last-Modified Sun, 29 Mar 2020 04:09:32 GMT Server Apache mod_bwlimited/1.4 ETag "68201b-fbd-5a1f68069d700" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 4029
GET H/1.1	200 OK	fa5-hands-helping.png www.gldesarrollos.com/can/irs/png/	976 B 1 KB	127ms 126ms	Image image/png	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Show image Full URL https://www.gldesarrollos.com/can/irs/png/fa5-hands-helping.png Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash 493d68e8f237b05f962056bd60a80aa816f0a7adddd1e2e944f0ad688b2af09e Request headers Referer https://www.gldesarrollos.com/can/irs/css/css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Last-Modified Sun, 29 Mar 2020 03:28:12 GMT Server Apache mod_bwlimited/1.4 ETag "682017-3d0-5a1f5ec980b00" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 976
GET H/1.1	200 OK	fa5-book.png www.gldesarrollos.com/can/irs/png/	583 B 869 B	126ms 126ms	Image image/png	107.161.180.2 DIMENOC
General Check archive.org Show headers Download Go to Show image Full URL https://www.gldesarrollos.com/can/irs/png/fa5-book.png Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 107.161.180.2 Orlando, United States, ASN33182 (DIMENOC, US), Reverse DNS server.gafsi.com.co Software Apache mod_bwlimited/1.4 / Resource Hash a1f9b6b76c5af10cdeb8108bc10487112c9b521bff9c71b67bbd7ed2e583b346 Request headers Referer https://www.gldesarrollos.com/can/irs/css/css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers Date Tue, 28 Jul 2020 16:42:48 GMT Last-Modified Sun, 29 Mar 2020 03:48:20 GMT Server Apache mod_bwlimited/1.4 ETag "682016-247-5a1f63498a900" Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=20 Content-Length 583
GET H2	200	sourcesanspro-regular-webfont.woff www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/	29 KB 30 KB	331ms 87ms	Font text/plain	2600:1400:d:2a0::f50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/sourcesanspro-regular-webfont.woff Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash db101d5470c62a501ca711f2dd6bce3599f88532b8f0ae71d0cc7c5dc06222ce Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.gldesarrollos.com/can/irs/css/css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css Origin https://www.gldesarrollos.com Response headers x-edgeconnect-origin-mex-latency 8 date Tue, 28 Jul 2020 16:42:48 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 0 status 200 server-timing cdn-cache; desc=HIT, edge; dur=1 x-ah-environment prod content-length 29840 x-request-id v-12b2d978-ce3d-11ea-96f3-7f3a472a7327 accept-ranges bytes last-modified Sun, 29 Mar 2020 04:09:48 GMT strict-transport-security max-age=31536000 access-control-allow-origin * expires Wed, 29 Jul 2020 16:42:48 GMT cache-control max-age=86400 x-age 0 x-cache-hits 2
GET H2	200	sourcesanspro-bold-webfont.woff www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/	29 KB 29 KB	522ms 288ms	Font text/plain	2600:1400:d:2a0::f50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.irs.gov/themes/custom/pup_base/fonts/source-sans-pro/fonts/sourcesanspro-bold-webfont.woff Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 863b8f9da715b522fe6070ce7f540eaa9a43bfd05e3640f00dd2dc7639061872 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.gldesarrollos.com/can/irs/css/css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css Origin https://www.gldesarrollos.com Response headers x-edgeconnect-origin-mex-latency 8 date Tue, 28 Jul 2020 16:42:48 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 0 status 200 server-timing cdn-cache; desc=HIT, edge; dur=1 x-ah-environment prod content-length 29396 x-request-id v-12b37568-ce3d-11ea-824e-a77c4609f877 accept-ranges bytes last-modified Sun, 29 Mar 2020 04:09:34 GMT strict-transport-security max-age=31536000 access-control-allow-origin * expires Wed, 29 Jul 2020 16:42:48 GMT cache-control max-age=86400 x-age 0 x-cache-hits 3
GET H2	200	fontawesome-webfont.woff2 www.irs.gov/themes/custom/pup_base/fonts/	75 KB 76 KB	401ms 168ms	Font text/plain	2600:1400:d:2a0::f50 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL https://www.irs.gov/themes/custom/pup_base/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: www.gldesarrollos.com URL: https://www.gldesarrollos.com/can/irs/index-2.php Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU), Reverse DNS Software / Resource Hash 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://www.gldesarrollos.com/can/irs/css/css_q6rayxebybl-yt-nytqghisuk-7vivjgawlwg7vv-ec.css Origin https://www.gldesarrollos.com Response headers x-edgeconnect-origin-mex-latency 8 date Tue, 28 Jul 2020 16:42:48 GMT x-content-type-options nosniff x-edgeconnect-midmile-rtt 0 status 200 server-timing cdn-cache; desc=HIT, edge; dur=1 x-ah-environment prod content-length 77160 x-request-id v-98156a02-ce35-11ea-918c-0f8cbb1631dd accept-ranges bytes last-modified Sun, 29 Mar 2020 04:08:41 GMT strict-transport-security max-age=31536000 access-control-allow-origin * expires Wed, 29 Jul 2020 16:42:48 GMT cache-control max-age=86400 x-age 3212 x-cache-hits 2

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery number| radi object| container object| anchor

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
www.gldesarrollos.com
www.irs.gov
107.161.180.2
2001:4de0:ac19::1:b:1b
2600:1400:d:2a0::f50
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2aed0559ebb58b74e1ae783ef624dbbc9f70390a2648dc1787af6c68122ec510
3536108234988f9febfce80ca86c2fd44acc995593240c0e9e30399f46b27087
4282d839d355edffd37a141fb4bda07589bf0a8dd45754fa9ac6beb599942ff1
447b3923360ae2b506f12fcaecc085830058e07d6def1238759d12e4a76baec8
479648e7377a076e81875f41d82ac6b831c910e25ca85f8a2076110d09876184
493d68e8f237b05f962056bd60a80aa816f0a7adddd1e2e944f0ad688b2af09e
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
5e750e529ffec6790e83f426e70cf94bcbc5df16946dd0f7a1c838f9bd6151be
66466573e4c2cffdc636e13e76758dcf83f0ce235083c2098ad471cf419481d8
7681e2233b40354b5f1e6d3b8322221bfc5db8e593a5ec9c2d48e08aac6a05f1
7d3befbdea3d1b4e4671a1437ae3e5456f25780b5eb9e5a2ba1c27fd24c1e75e
863b8f9da715b522fe6070ce7f540eaa9a43bfd05e3640f00dd2dc7639061872
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
9a8a76e6244806d99c536173c4f43d487bfe9e8cf29340b94c2e6109d3eed412
a199620fe981df00a825f78761d3f7c8870f8117daa4a890e08018dec386dae8
a1f9b6b76c5af10cdeb8108bc10487112c9b521bff9c71b67bbd7ed2e583b346
cf403794c580b89b21ebd2d23c03aed699beeb8b05b07de05c2fb6c2b8ae8143
db101d5470c62a501ca711f2dd6bce3599f88532b8f0ae71d0cc7c5dc06222ce