probrandingusa.com Open in urlscan Pro
2606:4700:3037::6815:1d7c Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://probrandingusa.com/irsus/home.html?resource_url=https
Submission: On October 31 via api (October 31st 2023, 6:00:41 pm UTC) from US — Scanned from US

Summary HTTP 14 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3037::6815:1d7c, located in United States and belongs to CLOUDFLARENET, US. The main domain is probrandingusa.com.
TLS certificate: Issued by GTS CA 1P5 on October 24th 2023. Valid for: 3 months.

This is the only time probrandingusa.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

	IP Address		AS Autonomous System
14	2606:4700:303... 2606:4700:3037::6815:1d7c		13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	1

14 2606:4700:3037::6815:1d7c (United States)

ASN13335 (CLOUDFLARENET, US)

probrandingusa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	probrandingusa.com probrandingusa.com	57 KB
14	1

	Domain	Requested by
14	probrandingusa.com	probrandingusa.com
14	1

This site contains no links.

Subject Issuer	Validity	Valid
probrandingusa.com GTS CA 1P5	`2023-10-24` - `2024-01-22`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://probrandingusa.com/irsus/home.html?resource_url=https
Frame ID: AD41373DC2DF786528F13FE54DA24118
Requests: 13 HTTP requests in this frame

Frame: https://probrandingusa.com/irsus/home_files/saved_resource.htm
Frame ID: F576E8B47937F966B9EAE27F828EA561
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Get Refund Status

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Page Statistics

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

57 kB
Transfer

242 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request home.html Show response probrandingusa.com/irsus/	12 KB 4 KB	775ms 206ms	Document text/html	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bec0021229acb826efda32e78841a7b97ffb73d3b922bd1bd98823a4377a5374` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 81edcc624ead4344-EWR content-encoding br content-type text/html date Tue, 31 Oct 2023 18:00:35 GMT last-modified Tue, 25 Apr 2023 06:40:36 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzxLdguJvdg1NFOiX5NxH3hhQTWYKrEfGmxe%2FjV2E1ClkON%2BFh3oEbEF%2B4pEM34hQEJh9goh5V4S7jWUmgBhgw2MGVGF5tqSdCbAFCjDOxFhfwdccKZmDRpu5PYXNGqvbqsL86Z1U7kwMOrHV0iHKHo%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	bootstrap.css probrandingusa.com/irsus/home_files/	152 KB 25 KB	42ms 39ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/bootstrap.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4f52f329c18914acde937ef708d127632bfcbbd8f4d5b02ab9d074699e00afa3` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"2606e-62a0917e-285b5a;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WzIATUjIoDhxtnfzuXGR%2FB0GvkuzpggDZ4liRFJ7BRIpdwf1vVBL%2BWzP7zhKobhJuDPN9apAfyaCRGUtMeE%2B%2F%2FOfy8CuRmdN3TRcftmkGnYawQvAhJVRKnsAIGy6dvrZSi6Zqt4BmLNVcZ85pK0sGI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63987c4344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	jquery-ui.css probrandingusa.com/irsus/home_files/	31 KB 8 KB	72ms 70ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/jquery-ui.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1dcf7c6148121e9c474fbb4f32a0d43677cb0d85cc910d3faf15f6251f7ea3b0` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 cf-polished origSize=32082 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"7d52-62a0917e-285b5f;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bWsPga5QRtaYRWWqvfMWotdtHN0FBu7mwTcCEqnT%2FE2y4jskpdUlwWLztGuUKXgkPy8N7wOg%2BouhnIiOcFyFZQxRlCz%2FAsqwdgQ7vtlgVUmDuUGI29qyxGqUbmYhEPUM9obrX5WM%2FN2DsEf6dw6%2BlzA%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63a89d4344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	irs.css probrandingusa.com/irsus/home_files/	5 KB 1 KB	81ms 79ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/irs.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `fdb6ea3cf5dca396f0b9ead85d6a1dceb389796e06fa0ab3725eb072dc11b1b9` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 cf-polished origSize=5806 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"16ae-62a0917e-285b5d;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nO2iufrbbjSia9xtL0SX6HFenU9vajayawkmfrts6bwVeFy6aCS8lv3V8Z5c2DXmK36uyaMPDwtqsSuc92BreBuM0bH6DOZoL%2BLYvmtqnmfOg0MitEr1eSp0%2BSUgUHItS0RYfi4OHjb7JqTYSuX5gCs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63a8a24344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	app.css probrandingusa.com/irsus/home_files/	9 KB 3 KB	69ms 67ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/app.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 cf-polished status=cannot_optimize alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"2467-62a0917e-285b59;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CTvrOFi1K5G1Xd8QZOUr8X55%2FqPULIRMRwxILcJQ3tl55vPIDoviUAOA7IRGl%2FuBp9Omqog%2BJFVxfI9Upjfd1JCjtQNgI4F1xcxlVmB7juEYanfNCfq%2B3qRf%2B4JdmvtMPMNz%2BMLaZ4DFb5E7gVIcaGg%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63a8a64344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	app-error.css probrandingusa.com/irsus/home_files/	562 B 572 B	71ms 69ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/app-error.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `c1fec6422216d55e2ba3fa50bdd8f6968390bc87f8dc9f8471892c5fdefe4a72` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 cf-polished origSize=786 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"312-62a0917e-285b58;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ykwytv1igXrPp9FUdvbvbRKdod83GlIRg8xNbOLCmKZwjCTOpIQ%2Btxk7XC1FtzmaYyj44rdjALq%2Bq%2FFT7GMrq2iFGZxi98Ge58IYx89Xcc4vpsSv%2FSqopsifGlK7f9s67GULZXFj%2BLfaotIbJ2c5Yqs%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63a8aa4344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	wmsp-shared-secrets.css probrandingusa.com/irsus/home_files/	2 KB 1 KB	70ms 68ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/wmsp-shared-secrets.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ce7425bc051d9f94e1e7851b70dcf0685c41d61373dde0cdabf5f99a1b2ae22e` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 cf-polished origSize=3256 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"cb8-62a0917e-285b63;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZocfvYi1jTUeurdRm1PEnz1nuaXfWeYjxcoTDh7XqdZ1S4EpdAtAYqw7JJtSFORQjJCG1mWBitxwUk3GQdP8nO3NIPRPoBeXO1jbBqXqjEshxFrbkNn%2F6iW8%2BkmQkIqri0GEYQwScq2Z9pBBLQ25JM%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63a8ac4344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	wmsp-results.css probrandingusa.com/irsus/home_files/	1 KB 796 B	71ms 69ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/wmsp-results.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `df502755dd72bb61d3fd538ef5ef5f3c144126a19bb47b312f7cc75de520f672` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 cf-polished origSize=1651 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"673-62a0917e-285b62;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXJYZ6YfSaxIP2NcnmNdOGj8Nde4Ywt1ulUQlS6u7RLKSKq7anp8i0vLbOLvfVrIFvHxJXO0zOoDWsiqiPzx7V2VF8j6yZvgJKKYIjhiQTmr5Zsne5D5vt13tcsw7R3NKm4cdl%2Fuy6LBpN94U%2Fw01ec%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63a8af4344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	datepicker.css probrandingusa.com/irsus/home_files/	18 KB 2 KB	80ms 79ms	Stylesheet text/css	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/datepicker.css Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `4c97e6daa1662a21090dfb0213e13afdde1dfb05a058b0666b779633b93192e1` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 cf-polished origSize=21244 alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag W/"52fc-62a0917e-285b5b;gz" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXN94ZVYCJ4%2BfQiWQt35qr2Idz8y4JZEdWM0uYI2A8%2Fmo9SOfQX12eWf9%2BfCIidH6sX8CbEaNgFNJ6wjBSKD3IrZFgfX9jrFTJsKvmgPihlTgWGhGByZxF1g6vUwaWoACG0Z2XSjvbac0wZEKk9rD3I%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control public, max-age=604800 cf-ray 81edcc63a8b14344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	logo.png probrandingusa.com/irsus/home_files/	5 KB 5 KB	70ms 68ms	Image image/png	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://probrandingusa.com/irsus/home_files/logo.png Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 alt-svc h3=":443"; ma=86400 content-length 4640 last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag "1220-62a0917e-285b60;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llyPEo5LYt3rEU9kePQ3SVAPw58f9hdFljW0an3O32ZMULeQ%2BMc5iNyYL5V3lVy2pPtIDGSQRVylAyIu9s%2Bn8BuL2Q8F1Lo9glYyJfJivFgj%2B7cEYJTJEv17k4S1iTgeNGCZodQdes6%2FbTXvy5SJHKQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cf-ray 81edcc63a8b24344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	irs_horiz_white.png probrandingusa.com/irsus/home_files/	1 KB 2 KB	79ms 78ms	Image image/png	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://probrandingusa.com/irsus/home_files/irs_horiz_white.png Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home.html?resource_url=https User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} age 4029 alt-svc h3=":443"; ma=86400 content-length 1498 last-modified Wed, 08 Jun 2022 12:09:34 GMT server cloudflare etag "5da-62a0917e-285b5e;;;" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQGZrUjW%2BVC0Eo6qv%2F3XwuyaTF1YHfSOEOxAdDxLkwz0MiPi9wfEs9yTBttEPErTxCZFqIjg2RC1Y2%2F1%2FM49BhtfVzBiEHhRgssEP2P960cDGdGfYVUf2P3nBTJHQCX2EW7t2iTNXDTN1HSsftwezzc%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=604800 accept-ranges bytes cf-ray 81edcc63a8b44344-EWR expires Tue, 07 Nov 2023 16:53:26 GMT
GET H2	200	saved_resource.htm Show response probrandingusa.com/irsus/home_files/ Frame F576	312 B 474 B	118ms 118ms	Document text/html	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://probrandingusa.com/irsus/home_files/saved_resource.htm Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home.html?resource_url=https Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `8549844c9c013d824f5b7d01079edc1cfa3cb87f5f14a347ba52391361dafc02` Request headers Referer https://probrandingusa.com/irsus/home.html?resource_url=https Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 accept-language en-US,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 81edcc64ba494344-EWR content-encoding br content-type text/html date Tue, 31 Oct 2023 18:00:35 GMT last-modified Wed, 08 Jun 2022 12:09:34 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVffnIpvLteV4B9oSlI8zAXcdieZS%2FdYXDZM3OR8GKPpU%2FUBQtEoXJMYckn1HNUWJ3230H728HHLdbqmd6j27oRIoorVoGRWrkKwd5mm14r5OL0qrT17p3t477R6%2BjkCW9%2BrBmoLf%2FtLUreYsasgSVg%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	swirl_lighter_ca6f4deb.png probrandingusa.com/irsus/images/	2 KB 2 KB	40ms 40ms	Image text/html	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://probrandingusa.com/irsus/images/swirl_lighter_ca6f4deb.png Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home_files/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home_files/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Oct 2023 16:53:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4028 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nAtO75VwsJcJZA%2BmRh2a5CpNMXPDW1Of9jp130N1rTXHTf1QGyKFA9pnNSx9YKWpwI1ExSJYL05Pu%2BOnSECRh0Hg%2BJ7rTFRadzo1p%2B2xGWQEQ56rjBcWyWu1J6GX%2BKNJvVTmCCueDrD0dqM2x%2BIpPW4%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 81edcc6419874344-EWR alt-svc h3=":443"; ma=86400
GET H2	200	us.png probrandingusa.com/assets/img/	2 KB 2 KB	59ms 59ms	Image text/html	2606:4700:3037::6815:1d7c CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://probrandingusa.com/assets/img/us.png Requested by Host: probrandingusa.com URL: https://probrandingusa.com/irsus/home_files/app.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3037::6815:1d7c , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer https://probrandingusa.com/irsus/home_files/app.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36 Response headers date Tue, 31 Oct 2023 18:00:35 GMT content-encoding br cf-cache-status HIT last-modified Tue, 31 Oct 2023 16:53:27 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 4028 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5r1G23EiEKbhHToR9OqqpvMNTmAYTHGalFVE5gq9cUb4UWtl%2FGTIDQR%2F1szWhHrNw3tf%2FMfdApJQx3AtzF5Majzk5t%2Fv0AozUj3en2MsFl7XA41MeOlNrMUtUU0gv9C2m2kPso9hnI26hkfD9lSfn8%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cache-control max-age=14400 cf-ray 81edcc6439aa4344-EWR alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

probrandingusa.com
2606:4700:3037::6815:1d7c
02ceea374fce34ce8272bb17a67fd862c8ff49eeb05938154570701ca7a62ea7
1dcf7c6148121e9c474fbb4f32a0d43677cb0d85cc910d3faf15f6251f7ea3b0
4c97e6daa1662a21090dfb0213e13afdde1dfb05a058b0666b779633b93192e1
4f52f329c18914acde937ef708d127632bfcbbd8f4d5b02ab9d074699e00afa3
5d3238bdb8ee9440978b31fadb2af34965dca58b179a1225e13316d4c6cfd5e8
8549844c9c013d824f5b7d01079edc1cfa3cb87f5f14a347ba52391361dafc02
bec0021229acb826efda32e78841a7b97ffb73d3b922bd1bd98823a4377a5374
c1fec6422216d55e2ba3fa50bdd8f6968390bc87f8dc9f8471892c5fdefe4a72
ce7425bc051d9f94e1e7851b70dcf0685c41d61373dde0cdabf5f99a1b2ae22e
df502755dd72bb61d3fd538ef5ef5f3c144126a19bb47b312f7cc75de520f672
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4b254c69add59c9263fc046268904bcb604aaef26626ad2dd7ba2f9b2965f52
fdb6ea3cf5dca396f0b9ead85d6a1dceb389796e06fa0ab3725eb072dc11b1b9

probrandingusa.com Open in urlscan Pro 2606:4700:3037::6815:1d7c Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

14 Requests

100 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

57 kBTransfer

242 kBSize

0 Cookies

0 Outgoing links

Redirected requests

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

7 JavaScript Global Variables

0 Cookies

Indicators

probrandingusa.com Open in urlscan Pro
2606:4700:3037::6815:1d7c Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

14
Requests

100 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

57 kB
Transfer

242 kB
Size

0
Cookies

14 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!