irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com Open in urlscan Pro
2606:4700:3036::ac43:a1ce  Malicious Activity! Public Scan

Submitted URL: https://ybixiu.bighorseaggregates.com/1index1.php?503=irfof-IRServlet_
Effective URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/i...
Submission: On September 18 via api from US — Scanned from US

Summary

This website contacted 1 IPs in 1 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:3036::ac43:a1ce, located in United States and belongs to CLOUDFLARENET, US. The main domain is irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com.
TLS certificate: Issued by GTS CA 1P5 on August 16th 2023. Valid for: 3 months.
This is the only time irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
15 2606:4700:303... 13335 (CLOUDFLAR...)
15 1
Domain Requested by
15 irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
1 ybixiu.bighorseaggregates.com 1 redirects
15 2

This site contains no links.

Subject Issuer Validity Valid
blottedinq.com
GTS CA 1P5
2023-08-16 -
2023-11-14
3 months crt.sh

This page contains 2 frames:

Primary Page: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Frame ID: F571CD8033F601095EFC8F67C25EC8F9
Requests: 14 HTTP requests in this frame

Frame: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/saved_resource.htm
Frame ID: FACE3B02D199471BB52F702797F6F229
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Get Refund Status

Page URL History Show full URLs

  1. https://ybixiu.bighorseaggregates.com/1index1.php?503=irfof-IRServlet_ HTTP 302
    https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/index.php?resource_url=https... Page URL
  2. https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

1
IPs

1
Countries

56 kB
Transfer

244 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://ybixiu.bighorseaggregates.com/1index1.php?503=irfof-IRServlet_ HTTP 302
    https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp Page URL
  2. https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://ybixiu.bighorseaggregates.com/1index1.php?503=irfof-IRServlet_ HTTP 302
  • https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.php
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/
Redirect Chain
  • https://ybixiu.bighorseaggregates.com/1index1.php?503=irfof-IRServlet_
  • https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irf...
281 B
691 B
Document
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0689baacec21ef4b1867702cc1db248d75403f079e8c6f25bed82f6328ea4bca

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8088df097a485c70-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 10:23:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RgThmAwdofup%2FuiGXZCyWNCYI%2FG7%2BHt%2BWAJ%2B55wiCV89lRtz%2BhAKpfWCu6i5thLUWJ6RS6G%2BYotMrsWiPzHLd3FVNVslEEGH8TgnK%2BXydQ877GE%2FTR1Iud5dziWVOAqHJK5D91c8n90nCjX5BcHADPLoemzW4psw7aPBkk3GMff0ME9CAAxTBEQ1oeHv442s63f8%2Ffesr%2BC3v2%2B6k%2Fy6Zb9RLSpKtR%2FZVMtw"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8088df06fb892888-MIA
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 10:23:02 GMT
location
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2n%2FNdhTOgJnoxIZoVc7%2B8Z4K0XwO7BKkcXiBDkl6cNNLVSAKUA8h9%2BNGGN2MTMUHh47Dn8oVumwb61EqP89w4I8SgEIA5DFVJw2Ya1CfgLdf8GlZ30GsyewsWLhSGUrSy4Mhp0Z5uacjYHvg%2Fe8tIeHU%2FRVl3FQpSqAMA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
Primary Request home.html
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/
12 KB
4 KB
Document
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad2f435f42c01c935af717382851192b5d51ff23b18ca31ee19bf605a01f3446

Request headers

Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/index.php?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8088df0b7bcb5c70-MIA
content-encoding
br
content-type
text/html
date
Mon, 18 Sep 2023 10:23:03 GMT
last-modified
Tue, 25 Apr 2023 15:40:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xKsFyDkv66JapvZjmbMbV%2BeDNd1LTfKhiwgcSl1J%2FJ0OYsFloQNXzzF9YvmLOZmLIVr0iRCE01IKGaOmYg13fJxGB7eqiEdTWSchZXZ7EfT0AfFaAb8nznJYjr5egxzbg%2B8KvNmBbbVaCua9THZ0LOaGJGHmj7Cw1WPRK9INVM1ndV1c49SuwKXGGAKzY%2FKhlfHu2P0UvrgF9Emd8ZMKUxW%2BE3%2FEmDa7KIId"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
bootstrap.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
152 KB
24 KB
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/bootstrap.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2606e-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tu2oILLNDFahyFaj5eIsp60yyXBDk2%2B0DBmnl8Zl3eZHMz8mM0ADpAufdCuNd4TzLy6NkVQV5XoCmGPAb%2F%2F0tTdk1vMcVFVdI%2BwdD8vpmdVKVXFmNcrVH4laneI8IquLwChBTAOuHoc3Sxesy9sEqbAbsBwgZMpJg9uGE0bsUYnkhkhUivFJ8PYIIIkeZU9IC5DPHnMpCzXAlJclM97g5ZSdhiIkfCl6tgyR"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c8c9cb3df-MIA
alt-svc
h3=":443"; ma=86400
jquery-ui.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
31 KB
8 KB
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/jquery-ui.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca4df2bf400a42d8752e115f03366a90b2b4ed06b2da9ef429d41fda5f15705e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"7d52-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FO6ZrR%2BOxEv2FmbxEZw4fmxd2vJLoqytV0EBVrfVMvbsnqRYdOHPihiJingqMNXt1MkzL7Tf1OIr1ZryvAELr4bsyYx1887Q2ok0Xf9cF3slu21OI%2ByMmi12I2My68nluZUcFTaAdu08u6GUj%2F4k%2BZ6CvzrL1k81j%2BoCSGiyzJbRMhM7vs3niO9lm1OJ1O%2BZYd0yksYRKkof14MSZbIocZSVZjaF2dbtHQww"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c9c9db3df-MIA
alt-svc
h3=":443"; ma=86400
irs.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
6 KB
2 KB
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/irs.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c091629a45d384695d3aa0fcea2210eab8edff323d8ecbf81e3a04fda820d7f4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"16ae-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kk2zNOytsNvMpJmn1Ja1gv76oN1WK9Hc5qdiyUQymn2RlbuqoXaiDZciQZhjpZ%2FczMUUahxMNMki84HbUbCNG6STIZr3P9Vq0Ta%2FaudEXLh9TzpoajS8AsitqO4U7lYigwba%2FNLPW0y2ODRVqF%2BHsPblLSLDHiRDKEfHrt1AYN1pEN2arMoUijrEQHD8y7X2I3Rql6yn4WnRGsumQwonD1TMXVmmWawWOOHP"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c9c9eb3df-MIA
alt-svc
h3=":443"; ma=86400
app.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
9 KB
3 KB
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/app.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2467-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bB1kY96SaGGtyPq0pUkF5x1ZZVuEI%2BkRYtcf3lcpYZfTmveWbD3RQRA%2FfFUnaZqDYnPKMJZktg5MsltVw%2B%2FrU2GprQXlAUbk81frJS6V%2BZk4QMxThz76jKGuxFb%2BMRegi8tMWMqYEnDDNY4cBlrUHwfgZONz%2FY%2BqowwkoD2Zst%2FGTrk%2FiDGJwEd%2FYs42rqNr1KT2IPGlABXPhNQnZZCzV7ububVnr%2FsHMVFW"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c9c9fb3df-MIA
alt-svc
h3=":443"; ma=86400
app-error.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
786 B
812 B
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/app-error.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4abb35ccb93590308661b4dafacfe380c89aef07e2d94499d23f1637137bd1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"312-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRuloxosoUwlVrge4TzFgfYEh2TRZxRHoxJqNoB4WztyAz3Ec0KBPTNoqaFkrQq5htZiyoOrsjAdtsX%2FJqFFvMsLkRkcNJULsSRK2e9NoYqH5SItxkn5WJJ1iubL1TV%2FW4xIfV3hxLS4Is7bZd28AGGpyDAe6X68XTJYGWWuZ%2F%2Fxiro5QINdIlerrvm9b0okR7mfBTSO6NTYr6DDAOT%2FG5qGQTvGq9KE9W9v"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c9ca0b3df-MIA
alt-svc
h3=":443"; ma=86400
wmsp-shared-secrets.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
3 KB
1 KB
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/wmsp-shared-secrets.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd8245e841b019e192658b02f6d510112f6793dace36c4b29cc44ab2ab6179cd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"cb8-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0X6W9nywDbeA0ggS5NIGt1TEWrrZdOscd%2B8D2noyQmxvCdIOh1N6k7BwntaOQH%2F4E0hSCmEN%2Bvfj%2FGaXzbm45KeooPiBVliXq5E8LceuprH%2F2J583inqNrO7vF7%2BFJ4Hr0mesCpiZRmcrtWDk3zDL2PTvzJ9B2VSj6nYjZTnj9EnQmNq6pO86t7uFN5lvT84YjXcmF9n7tMsDdqpaDFr2ZHGKw7942rJkJJ"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c9ca1b3df-MIA
alt-svc
h3=":443"; ma=86400
wmsp-results.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
2 KB
1 KB
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/wmsp-results.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c270883773a53da36d154ea13ce8ea8451489c25aabd20e60ef6eb65c4fe439d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"673-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mqvwaie4JEhu4sNpVwQ%2Fuv3xCgO5VVUzamybPfz%2Fn0ZfFGT25BceJXZx%2B9%2B3%2BdgtkhjATylwFw%2F5S%2Bdz8m2iIUXBcni0gSAN7b2avZkNqqwH6LkhlYWi1Cw7%2FsG9N4jklJIdV8tQOTSwBcNTePhpDVTcqZ7ucpsXKCNFs4TlL%2FKvR0IKwglRQmKoH3nOgL85VuGfuz5kuyGqYu3Uf7CfPWfCaWY%2FSD84D%2BJ5"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c9ca2b3df-MIA
alt-svc
h3=":443"; ma=86400
datepicker.css
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
21 KB
3 KB
Stylesheet
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/datepicker.css
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2538e625a9042c2cd54e13cf52221fce1831dd12c5ca4cdac23137ac22e3010

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"52fc-5e0f61f399f80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vb9EAnX6HpnJE%2B%2BfARKrqc4%2BYrwNwgI34puMYYMRMKMsCaqXauBRIFnz7Gxjkdy%2BvqCCDvgw5jaHjR82EvYxv%2BaOGiTkOiP%2BnjkPgqU2PyBqoeF4ypXdqRW5%2BjQGnnOKl1%2FZooZ1u5f9RfqSFR7YjKihDW2Uq4KmXqlchF1OephRblxuUqqTfNr0daTtgcGYUExYuzSkNshjGrSmIYzeiEdmUWClDq9C%2F1OT"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8088df0c9ca3b3df-MIA
alt-svc
h3=":443"; ma=86400
logo.png
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
5 KB
5 KB
Image
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/logo.png
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1220-5e0f61f399f80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYK%2BN6HzorOjHKo3hi9rlSZ97vswHbppUlVP1T%2FcCcYo9jdT00RjEVOYjwCghoF8ymlEFAB33GOzNh8kaaHZe4zD4dFVfL8o74j5sKqpmyFebuNai7Opl41YWWiXvowO76Q6W8tqQ%2BK39U%2FCSmGqdKDoJ7dQoVFnAO7Xsy9aeyaAl980MXLCoa0kR7BAZTo4FMsWvSj3Xfpw7ZImIcPd7CbXF9FSP0vZIebb"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8088df0e8e61b3df-MIA
alt-svc
h3=":443"; ma=86400
content-length
4640
irs_horiz_white.png
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/
1 KB
2 KB
Image
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/irs_horiz_white.png
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5da-5e0f61f399f80"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0j8RhJgaAvA4QDgR0gOfyWz9RFxCLVUm4u7gMmTA45AWj6TZKhqziV8qevAdezBXXyqejznNi1wFTAWYzBFA60DxmsjVcbor%2F5khzkjgPZidm5le3z379RlzG6%2BRli8XC0JfxuvN9YUmYYWSP3UmTKGlNKAPF1XPjhxU4yAKiAx2FgqCet5%2BaMJJu%2FzaefCar4eL9ZTaLeqYvYGbke8YePvAuC4hjZMlFNFQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8088df0f4f00b3df-MIA
alt-svc
h3=":443"; ma=86400
content-length
1498
saved_resource.htm
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/ Frame FACE
313 B
681 B
Document
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/saved_resource.htm
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6afaa120b93af4f452d55328c8a2e686ab93ef0e4baa5b049a808d471cb7781f

Request headers

Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home.html?resource_url=https://sa.www4.irs.gov/irfof/lang/en/irfofgetstatus.jsp=26189&session=111115
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8088df0f5f0fb3df-MIA
content-encoding
br
content-type
text/html
date
Mon, 18 Sep 2023 10:23:03 GMT
last-modified
Wed, 08 Jun 2022 21:09:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Von7ouzwHFJHymZq5HpZUPprY9Ie%2BtU40KzJ5%2FVKpkp1%2BosubEHPjAeMHSU3vmIx3PxtwDYs4n4dALllKnPjFZX0vdXGlCB4YpuTZ%2FUsLkhBlruQOfyEjo8QXEXtyZuxGTu9JGAnTwahYHj6dj5BkNQnI5PBBtRiAyi2fdl2q%2FhxhpqPeta%2BoOUeminc0KMrLqCEfkrHvs0bBxD%2FtJBhuurU2poBwl9kF9V"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
swirl_lighter_ca6f4deb.png
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/images/
338 B
338 B
Image
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/images/swirl_lighter_ca6f4deb.png
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cecd1aefbfd25cfb38e813213054911467fa481e36e081ab8d4588d8cbb9cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57KmenavxY2HBI%2FFu8VE1Mfd5EIhJLlVqcTP1emrwjnuuQOmXbCCvryFPk02nzL4kgU%2FrrJnljOMYWgTL1e9FSJXrMHK8BaVzEoNWiT8TA%2B%2F2wzK28iDkpiXlW9mw%2FkDx5EBeYJjkTOuYDg1udDT%2FKOUeRf2gdbaVumHGGu39eW1W4BeEDeXpXWqe7Q7vAZ3kJ6%2F0iqqGNfqNSjeuwHnF1ngkxpFvhteFOEL"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8088df0f5f15b3df-MIA
alt-svc
h3=":443"; ma=86400
us.png
irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/assets/img/
338 B
338 B
Image
General
Full URL
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/assets/img/us.png
Requested by
Host: irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com
URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/app.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a1ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cecd1aefbfd25cfb38e813213054911467fa481e36e081ab8d4588d8cbb9cb

Request headers

accept-language
en-US,en;q=0.9
Referer
https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/home_files/app.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.88 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 10:23:03 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bu7MkqTefuM%2FEjJvBlzn2YMESMPzDvT6LAFenbFFbt4hv2mAaic0ioob0LEbsOuxQwqjyHlleTHG3PnWROOAkpzfcZLq3KJeeDD59mmaAByfdbeZ3BYSHxF52Z14jn8c9DdBETyOV62e24C22XjwbLgEw07s%2FS7SJu76GMmI1tJ0vAcg87TeNobhTN38sIdfZtsmrBTBwjiWLApjnyezh11jRp8MFYwf3dTw"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8088df0f5f18b3df-MIA
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| documentPictureInPicture function| noBack string| message function| clickIE function| clickNS function| disableCtrlKeyCombination

0 Cookies

2 Console Messages

Source Level URL
Text
network error URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/refunds-getstatus_form2_irfof-IRServlet-en_lang/images/swirl_lighter_ca6f4deb.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://irs_returns_taxtopics-irfofgetstatus_tc1203help-650825066b060.blottedinq.com/assets/img/us.png
Message:
Failed to load resource: the server responded with a status of 404 ()