probrandingusa.com
2a06:98c1:3120::3  Malicious Activity! Public Scan

Submitted URL: https://probrandingusa.com/irsus/
Effective URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&ses...
Submission: On October 31 via api from JP — Scanned from NL

Summary

This website contacted 1 IP in 1 country across 1 domain to perform 15 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in the United States and belonging to CLOUDFLARENET, US. The main domain is probrandingusa.com.
TLS certificate: Issued by GTS CA 1P5 on October 24th 2023. Valid for: 3 months.
This is the only time probrandingusa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

Requests | IP Address | Autonomous System
15 | 2a06:98c1:312... | 13335 (CLOUDFLAR...)

Requests | Apex Domain | Subdomains | Transfer
15 | probrandingusa.com | probrandingusa.com | 58 KB

Requests | Domain | Requested by
15 | probrandingusa.com | probrandingusa.com

This site contains no links.

TLS certificate

Subject: probrandingusa.com
Issuer: GTS CA 1P5
Validity: 2023-10-24 - 2024-01-22
Valid: 3 months

This page contains 2 frames:

Primary Page: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Frame ID: CE5DD8BB4861480369BDDCFA2D7E11B7
Requests: 14 HTTP requests in this frame

Frame: https://probrandingusa.com/irsus/home_files/saved_resource.htm
Frame ID: 297A3B02B722AFF342BCFCF9EF534843
Requests: 1 HTTP request in this frame

Page Title

Get Refund Status

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

Requests: 15
HTTPS: 100 %
IPv6: 100 %
Domains: 1
Subdomains: 1
IPs: 1
Countries: 1
Transfer: 58 kB
Size: 242 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://probrandingusa.com/irsus/ Page URL
  2. https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
probrandingusa.com/irsus/
278 B
611 B
Document
General
Full URL
https://probrandingusa.com/irsus/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81edfca78dc0b920-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 31 Oct 2023 18:33:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
Primary Request home.html
probrandingusa.com/irsus/
12 KB
3 KB
Document
General
Full URL
https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bec0021229acb826efda32e78841a7b97ffb73d3b922bd1bd98823a4377a5374

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81edfca80e5db920-AMS
content-encoding
br
content-type
text/html
date
Tue, 31 Oct 2023 18:33:32 GMT
last-modified
Tue, 25 Apr 2023 06:40:36 GMT
server
cloudflare
vary
Accept-Encoding
bootstrap.css
probrandingusa.com/irsus/home_files/
152 KB
25 KB
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/bootstrap.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f52f329c18914acde937ef708d127632bfcbbd8f4d5b02ab9d074699e00afa3

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"2606e-62a0917e-285b5a;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f15b920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
jquery-ui.css
probrandingusa.com/irsus/home_files/
31 KB
8 KB
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/jquery-ui.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dcf7c6148121e9c474fbb4f32a0d43677cb0d85cc910d3faf15f6251f7ea3b0

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
cf-polished
origSize=32082
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"7d52-62a0917e-285b5f;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f1cb920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
irs.css
probrandingusa.com/irsus/home_files/
5 KB
1 KB
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/irs.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb6ea3cf5dca396f0b9ead85d6a1dceb389796e06fa0ab3725eb072dc11b1b9

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
cf-polished
origSize=5806
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"16ae-62a0917e-285b5d;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f1fb920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
app.css
probrandingusa.com/irsus/home_files/
9 KB
3 KB
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/app.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
cf-polished
status=cannot_optimize
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"2467-62a0917e-285b59;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f21b920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
app-error.css
probrandingusa.com/irsus/home_files/
562 B
571 B
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/app-error.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1fec6422216d55e2ba3fa50bdd8f6968390bc87f8dc9f8471892c5fdefe4a72

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
cf-polished
origSize=786
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"312-62a0917e-285b58;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f22b920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
wmsp-shared-secrets.css
probrandingusa.com/irsus/home_files/
2 KB
1 KB
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/wmsp-shared-secrets.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7425bc051d9f94e1e7851b70dcf0685c41d61373dde0cdabf5f99a1b2ae22e

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
cf-polished
origSize=3256
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"cb8-62a0917e-285b63;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f24b920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
wmsp-results.css
probrandingusa.com/irsus/home_files/
1 KB
795 B
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/wmsp-results.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df502755dd72bb61d3fd538ef5ef5f3c144126a19bb47b312f7cc75de520f672

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
cf-polished
origSize=1651
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"673-62a0917e-285b62;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f25b920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
datepicker.css
probrandingusa.com/irsus/home_files/
18 KB
3 KB
Stylesheet
General
Full URL
https://probrandingusa.com/irsus/home_files/datepicker.css
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c97e6daa1662a21090dfb0213e13afdde1dfb05a058b0666b779633b93192e1

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
age
6029
cf-polished
origSize=21244
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
W/"52fc-62a0917e-285b5b;gz"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=604800
cf-ray
81edfca86f28b920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
logo.png
probrandingusa.com/irsus/home_files/
5 KB
5 KB
Image
General
Full URL
https://probrandingusa.com/irsus/home_files/logo.png
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
cf-cache-status
HIT
age
6029
alt-svc
h3=":443"; ma=86400
content-length
4640
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
"1220-62a0917e-285b60;;;"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81edfca86f2ab920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
irs_horiz_white.png
probrandingusa.com/irsus/home_files/
1 KB
2 KB
Image
General
Full URL
https://probrandingusa.com/irsus/home_files/irs_horiz_white.png
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
cf-cache-status
HIT
age
6029
alt-svc
h3=":443"; ma=86400
content-length
1498
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
etag
"5da-62a0917e-285b5e;;;"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
81edfca86f2cb920-AMS
expires
Tue, 07 Nov 2023 16:53:03 GMT
saved_resource.htm
probrandingusa.com/irsus/home_files/ Frame 297A
312 B
654 B
Document
General
Full URL
https://probrandingusa.com/irsus/home_files/saved_resource.htm
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=881213&session=8810
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8549844c9c013d824f5b7d01079edc1cfa3cb87f5f14a347ba52391361dafc02

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
81edfca8b8a70bce-AMS
content-encoding
br
content-type
text/html
date
Tue, 31 Oct 2023 18:33:32 GMT
last-modified
Wed, 08 Jun 2022 12:09:34 GMT
server
cloudflare
vary
Accept-Encoding
swirl_lighter_ca6f4deb.png
probrandingusa.com/irsus/images/
2 KB
2 KB
Image
General
Full URL
https://probrandingusa.com/irsus/images/swirl_lighter_ca6f4deb.png
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home_files/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 17:14:40 GMT
server
cloudflare
age
4732
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
81edfca8b8ad0bce-AMS
alt-svc
h3=":443"; ma=86400
us.png
probrandingusa.com/assets/img/
2 KB
2 KB
Image
General
Full URL
https://probrandingusa.com/assets/img/us.png
Requested by
Host: probrandingusa.com
URL: https://probrandingusa.com/irsus/home_files/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Response headers

date
Tue, 31 Oct 2023 18:33:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 31 Oct 2023 17:14:40 GMT
server
cloudflare
age
4732
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=14400
cf-ray
81edfca8b8ae0bce-AMS
alt-svc
h3=":443"; ma=86400

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| 0
  • object| documentPictureInPicture
  • function| noBack
  • string| message
  • function| clickIE
  • function| clickNS
  • function| disableCtrlKeyCombination

0 Cookies