irssite.netlify.app
2a03:b0c0:3:e0::26f:c001  Malicious Activity! Public Scan

URL: https://irssite.netlify.app/stimulus/notice
Submission: On June 19 via automatic, source phishtank

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 2a03:b0c0:3:e0::26f:c001, located in Frankfurt am Main, Germany and belongs to DIGITALOCEAN-ASN, US. The main domain is irssite.netlify.app.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on March 4th 2020. Valid for: a year.
This is the only time irssite.netlify.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

IP Address AS Autonomous System
13 2a03:b0c0:3:e... 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
2 2600:1400:d:2... 20940 (AKAMAI-ASN1)
1 2600:1400:d:2... 20940 (AKAMAI-ASN1)
20 5
Domain Requested by
13 irssite.netlify.app irssite.netlify.app
3 ajax.googleapis.com irssite.netlify.app
2 sa.www4.irs.gov irssite.netlify.app
1 www.irs.gov irssite.netlify.app
1 maxcdn.bootstrapcdn.com irssite.netlify.app
20 5

This site contains links to these domains.

Domain
www.irs.gov
Subject | Issuer | Validity | Valid
*.netlify.app | AlphaSSL CA - SHA256 - G2 | 2020-03-04 - 2021-03-05 | a year
upload.video.google.com | GTS CA 1O1 | 2020-05-26 - 2020-08-18 | 3 months
*.bootstrapcdn.com | Sectigo RSA Domain Validation Secure Server CA | 2019-09-14 - 2020-10-13 | a year
sa.www4.irs.gov | Entrust Certification Authority - L1K | 2019-12-04 - 2022-03-03 | 2 years
www.irs.gov | Entrust Certification Authority - L1K | 2018-06-22 - 2020-09-21 | 2 years

This page contains 1 frames:

Primary Page: https://irssite.netlify.app/stimulus/notice
Frame ID: 7EE81831737C0EF832D9708AEFFA53CE
Requests: 20 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

Overall confidence: 100%
Detected patterns
  • headers server /^Netlify/i

Page Statistics

Requests: 20
HTTPS: 100 %
IPv6: 100 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 172 kB
Size: 680 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request notice
irssite.netlify.app/stimulus/
26 KB
6 KB
Document
General
Full URL
https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
c2a4182b6c03b858d272c19cd31f7c93ae7e698fa4bb6ccd01a5936c0345ce01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
irssite.netlify.app
:scheme
https
:path
/stimulus/notice
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

status
200
cache-control
public, max-age=0, must-revalidate
content-type
text/html; charset=UTF-8
date
Fri, 19 Jun 2020 20:21:20 GMT
etag
"3f99bb8dc49c397297893ddcad540a96-ssl-df"
link
<https://www.xn--rs-sja.com/notice.html>; rel="canonical"
strict-transport-security
max-age=31536000
content-encoding
gzip
content-length
5863
age
6236
server
Netlify
vary
Accept-Encoding
x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684183
bootstrap.min.css
irssite.netlify.app/style/
170 KB
20 KB
Stylesheet
General
Full URL
https://irssite.netlify.app/style/bootstrap.min.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d2c5b6c1c562cbb085b1ff774074c265e1ca4c9df67d813b49864e1badab2cc6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684189
date
Fri, 19 Jun 2020 20:21:12 GMT
content-encoding
br
server
Netlify
age
6244
etag
"a5d714f6e04e32b35e4a407cc6bce708-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
20371
jquery-ui.min.css
irssite.netlify.app/style/
37 KB
7 KB
Stylesheet
General
Full URL
https://irssite.netlify.app/style/jquery-ui.min.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b87204ed530c0cbb8ed92cf6c14aa2812b64bd65815a4225bce8f695a7fad817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684190
date
Fri, 19 Jun 2020 20:21:12 GMT
content-encoding
br
server
Netlify
age
6244
etag
"3448e4136adf15e38791fdaf26ffcea4-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
7559
irs.css
irssite.netlify.app/style/
5 KB
1 KB
Stylesheet
General
Full URL
https://irssite.netlify.app/style/irs.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
b399d3e3c91380769134cf0e7fedf2397fdc3a28733e07b3b4ba8deb5e4a4ed4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684191
date
Fri, 19 Jun 2020 20:21:12 GMT
content-encoding
br
server
Netlify
age
6244
etag
"20a136f9d8c73d25250f5b924d326d57-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
1098
app.css
irssite.netlify.app/style/
9 KB
2 KB
Stylesheet
General
Full URL
https://irssite.netlify.app/style/app.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
c30da62c661563140adaa8c6b15daa1841a8d2bb4a6593dd92711e0681500262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684192
date
Fri, 19 Jun 2020 20:21:12 GMT
content-encoding
br
server
Netlify
age
6244
etag
"219e7d222ff4c1254d4a3199db4952ad-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
2055
wmsp-shared-secrets.css
irssite.netlify.app/style/
2 KB
705 B
Stylesheet
General
Full URL
https://irssite.netlify.app/style/wmsp-shared-secrets.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
ca510d720c4d8a2a1f23d0c1d6926149bc1a5ef1eb9725070cefc535b0a44336
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684193
date
Fri, 19 Jun 2020 20:21:12 GMT
content-encoding
br
server
Netlify
age
6244
etag
"b2a7f8d9ff74a8c264e05b44628aef74-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
596
wmsp-error.css
irssite.netlify.app/style/
454 B
608 B
Stylesheet
General
Full URL
https://irssite.netlify.app/style/wmsp-error.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
eaf65a87e52fc01512950317a882e7cafbdba46332afb77309f2b881ce7832a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684194
date
Fri, 19 Jun 2020 20:21:12 GMT
server
Netlify
age
6244
etag
"d63653cb717396e79e6ca3371182cb90-ssl"
strict-transport-security
max-age=31536000
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
454
wmsp-results.css
irssite.netlify.app/style/
1 KB
529 B
Stylesheet
General
Full URL
https://irssite.netlify.app/style/wmsp-results.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
d0469e8121de1bc2c2c2536dad1715ffc5c3cbcb0af820c588b6d614de7ce9f9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684195
date
Fri, 19 Jun 2020 20:21:12 GMT
content-encoding
br
server
Netlify
age
6244
etag
"d9da77bb7963520b91b62f1da0e34bb4-ssl-df"
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
421
logo.png
irssite.netlify.app/images/
5 KB
5 KB
Image
General
Full URL
https://irssite.netlify.app/images/logo.png
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684196
date
Fri, 19 Jun 2020 20:21:12 GMT
server
Netlify
age
6244
etag
"dd2476d3d32d92b43a03724eacd6a5c9-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
4640
calendar.svg
irssite.netlify.app/images/
900 B
1015 B
Image
General
Full URL
https://irssite.netlify.app/images/calendar.svg
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
9dd8c855600c0441a4ab67c11453935f195b0a2e48c930ec54ad327f6906635b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684197
date
Fri, 19 Jun 2020 20:21:12 GMT
server
Netlify
age
6244
etag
"23dfcaf8ea3627c7e8c69b38192df39e-ssl"
strict-transport-security
max-age=31536000
content-type
image/svg+xml
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
900
irs_horiz_white.png
irssite.netlify.app/images/
1 KB
2 KB
Image
General
Full URL
https://irssite.netlify.app/images/irs_horiz_white.png
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684198
date
Fri, 19 Jun 2020 20:21:12 GMT
server
Netlify
age
6244
etag
"2fe9eb3be08100bb05682f1934564721-ssl"
strict-transport-security
max-age=31536000
content-type
image/png
status
200
cache-control
public, max-age=0, must-revalidate
accept-ranges
bytes
content-length
1498
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 09 Jun 2020 21:39:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
865556
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31021
x-xss-protection
0
last-modified
Fri, 08 May 2020 07:05:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Jun 2021 21:39:20 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/
39 KB
11 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.4.1/js/bootstrap.min.js
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 22:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Feb 2019 16:41:46 GMT
status
200
etag
"1550076106"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
10940
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/
36 KB
8 KB
Stylesheet
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 11 Jun 2020 05:11:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
752039
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8422
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Jun 2021 05:11:17 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/
248 KB
66 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/jquery-ui.min.js
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 13 Jun 2020 02:20:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
589504
status
200
alt-svc
h3-28=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
67948
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Jun 2021 02:20:12 GMT
expire.js
sa.www4.irs.gov/irfof-wmsp/commons-web/expire/2.0.0/
3 KB
1 KB
Script
General
Full URL
https://sa.www4.irs.gov/irfof-wmsp/commons-web/expire/2.0.0/expire.js
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:2a4::1301 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
d84d96dee8f47b0682ff6aea04bcb80d792d47d836af6cc0a5489fc24511c935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 22:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Jul 2019 22:25:12 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=21600
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-length
1085
x-xss-protection
1; mode=block
expires
Sat, 20 Jun 2020 04:05:16 GMT
fluidDialog.js
sa.www4.irs.gov/irfof-wmsp/commons-web/expire/2.0.0/
841 B
665 B
Script
General
Full URL
https://sa.www4.irs.gov/irfof-wmsp/commons-web/expire/2.0.0/fluidDialog.js
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:2a4::1301 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
9551a6fca7a5633b5d8c174b6402878a5fade1c090086f2256d10393e4ed8e15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://irssite.netlify.app/stimulus/notice
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 22:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 25 Jul 2019 22:25:12 GMT
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=21600
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-length
415
x-xss-protection
1; mode=block
expires
Sat, 20 Jun 2020 04:05:16 GMT
swirl_lighter_ca6f4deb.png
irssite.netlify.app/stimulus/images/
3 KB
3 KB
Image
General
Full URL
https://irssite.netlify.app/stimulus/images/swirl_lighter_ca6f4deb.png
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
82a0446024f6c4e02a4d51e0ee30e0d6418faa23064a52fd5586c1d4d7c8041d

Request headers

Referer
https://irssite.netlify.app/style/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684207
date
Fri, 19 Jun 2020 20:21:29 GMT
content-encoding
br
server
Netlify
age
6227
etag
1591848420-ssl-df
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
404
cache-control
public, max-age=0, must-revalidate
content-length
1057
official-site-flag.png
www.irs.gov/themes/custom/pup_base/images/
4 KB
4 KB
Image
General
Full URL
https://www.irs.gov/themes/custom/pup_base/images/official-site-flag.png
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1400:d:2a0::f50 , United States, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
2aed0559ebb58b74e1ae783ef624dbbc9f70390a2648dc1787af6c68122ec510
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://irssite.netlify.app/style/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 19 Jun 2020 22:05:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 29 Mar 2020 04:09:48 GMT
strict-transport-security
max-age=31536000
content-type
image/png
status
200
x-ah-environment
prod
cache-control
max-age=86400
x-cache-hits
58
server-timing
cdn-cache; desc=HIT, edge; dur=1
accept-ranges
bytes
x-age
821213
content-length
4029
x-request-id
v-36736eea-71ef-11ea-adcc-e3ca7fb6ec6e
expires
Sat, 20 Jun 2020 22:05:16 GMT
help-tip.svg
irssite.netlify.app/images/
1 KB
727 B
Image
General
Full URL
https://irssite.netlify.app/images/help-tip.svg
Requested by
Host: irssite.netlify.app
URL: https://irssite.netlify.app/stimulus/notice
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:b0c0:3:e0::26f:c001 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Netlify /
Resource Hash
f6e8d67f1d2776a49472171e766da78d610e1e0f47fcee02f34c14a2a85108bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://irssite.netlify.app/style/wmsp-shared-secrets.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nf-request-id
2959bec7-845f-43c5-97b4-f863aaf9aaee-684209
date
Fri, 19 Jun 2020 20:21:13 GMT
content-encoding
br
server
Netlify
age
6243
etag
"64704cf04e30e62c6c5cb6437ac06b8f-ssl-df"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
public, max-age=0, must-revalidate
strict-transport-security
max-age=31536000
accept-ranges
bytes
content-length
592

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| onformdata
  • object| onpointerrawupdate
  • function| openIrsPage
  • function| openIrsAccessibility
  • function| openIrsPrivacyPolicy
  • function| switchLanguage
  • function| logout
  • function| sessionTimeout
  • boolean| timeoutView
  • boolean| logoutView
  • function| onCollapsibleClicked
  • function| onThereAreValidationErrors
  • function| $
  • function| jQuery
  • object| expireManager

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
