irs.taxserv1.com Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://irs.taxserv1.com/
Submission: On August 28 via manual (August 28th 2023, 2:59:37 pm UTC) from AU — Scanned from NL

Summary HTTP 149 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 149 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is irs.taxserv1.com.
TLS certificate: Issued by E1 on August 27th 2023. Valid for: 3 months.

This is the only time irs.taxserv1.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: IRS (Government)

Domain & IP information

	IP Address	AS Autonomous System
42	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1 6	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
17	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
31	192.225.157.196 192.225.157.196	30286 (THM) (THM)
1 8	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	23.60.201.14 23.60.201.14	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c07::9c	15169 (GOOGLE) (GOOGLE)
2	192.225.158.3 192.225.158.3	30286 (THM) (THM)
149	13

42 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

irs.taxserv1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 192.225.157.196 (United States)

ASN30286 (THM, US)

info.directpay.irs.gov	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.60.201.14 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-60-201-14.deploy.static.akamaitechnologies.com

resources.digital-cloud-gov.medallia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.225.158.3 (United States)

ASN30286 (THM, US)
PTR: d.aa.online-metrix.net

2febmm503oly67rfhpz3pxxuui4jdqgon5tco342d50814759e5d6d09sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2febmm503oly67rfhpz3pxxuui4jdqgon5tco3427488ee16070a2907sac.d.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	taxserv1.com irs.taxserv1.com	775 KB
31	irs.gov info.directpay.irs.gov — Cisco Umbrella Rank: 402849	192 KB
20	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 483 www.google-analytics.com — Cisco Umbrella Rank: 37 region1.google-analytics.com — Cisco Umbrella Rank: 2412	40 KB
10	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 2686 2febmm503oly67rfhpz3pxxuui4jdqgon5tco342d50814759e5d6d09sac.d.aa.online-metrix.net 2febmm503oly67rfhpz3pxxuui4jdqgon5tco3427488ee16070a2907sac.d.aa.online-metrix.net	34 KB
6	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 4306	76 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	142 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 93	346 B
1	medallia.com resources.digital-cloud-gov.medallia.com — Cisco Umbrella Rank: 9834	84 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	2 KB
149	9

	Domain	Requested by
42	irs.taxserv1.com	irs.taxserv1.com
31	info.directpay.irs.gov	irs.taxserv1.com info.directpay.irs.gov
17	www.google-analytics.com	irs.taxserv1.com
8	h.online-metrix.net	1 redirects irs.taxserv1.com info.directpay.irs.gov
6	mc.yandex.ru	1 redirects irs.taxserv1.com mc.yandex.ru
2	www.googletagmanager.com	irs.taxserv1.com www.googletagmanager.com
2	ssl.google-analytics.com	irs.taxserv1.com
1	2febmm503oly67rfhpz3pxxuui4jdqgon5tco3427488ee16070a2907sac.d.aa.online-metrix.net
1	2febmm503oly67rfhpz3pxxuui4jdqgon5tco342d50814759e5d6d09sac.d.aa.online-metrix.net
1	stats.g.doubleclick.net	irs.taxserv1.com
1	resources.digital-cloud-gov.medallia.com	irs.taxserv1.com
1	region1.google-analytics.com	irs.taxserv1.com
1	cdnjs.cloudflare.com	irs.taxserv1.com
149	13

This site contains links to these domains. Also see Links.

Domain
directpay.irs.gov
www.irs.gov

Subject Issuer	Validity	Valid
taxserv1.com E1	`2023-08-27` - `2023-11-25`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2023-08-14` - `2024-01-24`	5 months	crt.sh
info.directpay.irs.gov Entrust Certification Authority - L1M	`2022-12-09` - `2024-01-08`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.digital-cloud-gov.medallia.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.d.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-03-03` - `2024-03-04`	a year	crt.sh

This page contains 15 frames:

Primary Page: https://irs.taxserv1.com/
Frame ID: 6428BF6A1B5D4A69F47A7BEF94D62A0C
Requests: 51 HTTP requests in this frame

Frame: https://irs.taxserv1.com/check_files/saved_resource.html
Frame ID: BAEFFE66F533E1AB3032E814296ADB99
Requests: 42 HTTP requests in this frame

Frame: https://irs.taxserv1.com/check_files/HP.html
Frame ID: AB3B7552B0C7E3456876845BA3D238EE
Requests: 4 HTTP requests in this frame

Frame: https://irs.taxserv1.com/check_files/ls_fp.html
Frame ID: 0362287C39F525BA3A339AD546B47D95
Requests: 3 HTTP requests in this frame

Frame: https://irs.taxserv1.com/check_files/sid_fp.html
Frame ID: FAB8C68A71AFD985E674EE2237174E63
Requests: 3 HTTP requests in this frame

Frame: https://irs.taxserv1.com/check_files/top_fp.html
Frame ID: A61FDC6857137835B18DC32CA34B53EA
Requests: 1 HTTP requests in this frame

Frame: https://info.directpay.irs.gov/fp/check.js;CIS3SID=B3013920B835BAB967DD5A4230FDA9B8?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jb=3739242662736f773d556b6c646f77732e68736d3f556b6c646d7773273a3031322668736a753d4168706d6f65266a736a3f436a706d6f6725303031333e
Frame ID: 2A0A9B515B5AEE35475BAB198AD30A37
Requests: 29 HTTP requests in this frame

Frame: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=d50814759e5d6d09&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: E0FB76389E66CDC7567C4F157B4C28A7
Requests: 3 HTTP requests in this frame

Frame: https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09
Frame ID: B986B9AA4A494E95E5A5F3C24D1E495C
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09
Frame ID: 5C86550F2A2E081F5D79688C0ADBDCBD
Requests: 2 HTTP requests in this frame

Frame: https://info.directpay.irs.gov/fp/top_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09
Frame ID: 3E8829A2B3CA3C1BE2DFA80887201656
Requests: 1 HTTP requests in this frame

Frame: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=7488ee16070a2907&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 40C502659F660088E9ECE9B85919B20A
Requests: 3 HTTP requests in this frame

Frame: https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907
Frame ID: B0C527914ABC8332C207241C6F991BC1
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907
Frame ID: 2028E1EEA66CDC482F8F0BD6F16F8D17
Requests: 2 HTTP requests in this frame

Frame: https://info.directpay.irs.gov/fp/top_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907
Frame ID: A46EB352CC78E7A4C1B813564031FF7F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tax Refund

Detected technologies

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

149
Requests

74 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

13
IPs

4
Countries

1343 kB
Transfer

5244 kB
Size

21
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://directpay.irs.gov/directpay/paymentManager?execution=e2s1#content
Title: Skip Navigation

Search URL Search Domain Scan URL

URL: http://www.irs.gov/

Search URL Search Domain Scan URL

URL: http://www.irs.gov/Payments/Direct-Pay-Help
Title: Need help?

Search URL Search Domain Scan URL

URL: https://directpay.irs.gov/directpay/privacyPolicy
Title: Acceptable Use and Privacy Policy

Search URL Search Domain Scan URL

URL: https://directpay.irs.gov/directpay/privacyNotice
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://directpay.irs.gov/directpay/accessibility
Title: Accessibility

Search URL Search Domain Scan URL

URL: https://directpay.irs.gov/directpay/leavesite?id=1
Title: USA.gov

Search URL Search Domain Scan URL

URL: https://directpay.irs.gov/directpay/leavesite?id=2
Title: Treasury.gov

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 45

https://mc.yandex.ru/watch/94750391?wmode=7&page-url=https%3A%2F%2Firs.taxserv1.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A334%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A903254737587%3Ahid%3A296023496%3Az%3A120%3Ai%3A20230828165933%3Aet%3A1693234773%3Ac%3A1%3Arn%3A1000750135%3Arqn%3A1%3Au%3A1693234773705316338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C54%2C75%2C1%2C0%2C0%2C%2C186%2C0%2C%2C%2C%2C340%3Aco%3A0%3Acpf%3A1%3Ans%3A1693234772483%3Arqnl%3A1%3Ast%3A1693234773%3At%3ATax%20Refund&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(1) HTTP 302
https://mc.yandex.ru/watch/94750391/1?wmode=7&page-url=https%3A%2F%2Firs.taxserv1.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A334%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A903254737587%3Ahid%3A296023496%3Az%3A120%3Ai%3A20230828165933%3Aet%3A1693234773%3Ac%3A1%3Arn%3A1000750135%3Arqn%3A1%3Au%3A1693234773705316338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C54%2C75%2C1%2C0%2C0%2C%2C186%2C0%2C%2C%2C%2C340%3Aco%3A0%3Acpf%3A1%3Ans%3A1693234772483%3Arqnl%3A1%3Ast%3A1693234773%3At%3ATax%20Refund&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Request Chain 78

https://h.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&gttl=155520000 HTTP 302
https://h.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&k=2

149 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
irs.taxserv1.com/ 64 KB
14 KB 152ms
75ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 268102000f5073690e61d4a9b08db156dc4aa4d37ed2086b7777bb1e946a3bc5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fdd6b308b03694c-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 28 Aug 2023 14:59:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U23pBi6uG1kRRGtUQ1J75kHeC8s296NQvD%2F6QAz64Y1aPKmqRJtmRxaq4InaP%2FAjqukmcWakGf1K0wmQIzwXM15cHF5Ve7G5nFioRKGchJ%2FrPJ8%2BUlB0e5XSPD3ci0912k7kvP6EKz4gvRQyBCoE"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 ec.js Show response
irs.taxserv1.com/check_files/ 3 KB
2 KB 45ms
44ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/ec.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 10:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 562
etag: W/"adb-602530ca5d680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xyBJbX7hcorhknYX5s6Jruc%2FjrjPg%2FiN%2F6ABMJSfUsLe8nKErOJxuF2qaYzjP5JmRwn7Osxy77C2RM7%2BUThY5467BQf5z6gYb%2BG4Q9TNdnW4j0f1Mu8dMiZUryWLSasnoxANK8ssovtb1BFoW8A"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b311ba6694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 linkid.js Show response
irs.taxserv1.com/check_files/ 2 KB
1 KB 31ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/linkid.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 10:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 562
etag: W/"621-602530ca5d680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92nBQ2EiLkBckTK7XYGUX7uObA92x6Mh1EzLpqEZs4XyGcU0iWHkosskxMjPVV6nE%2BHzN5m8yN20BpW122fN3Q0PmXlVNC3ZgoLofaYTTLD8EDJ%2BKcHdI7AtUkM80TlBV21yveeD%2BmZmEomCiCwT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b311ba7694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 js Show response
irs.taxserv1.com/check_files/ 227 KB
227 KB 93ms
92ms Script
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0983d3d4e5026eed7f446fc908b57f81be0a4eeabe9259dc43ac11bd86bacc81

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 07 Aug 2023 10:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"38b5f-602530ca5d680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nagzUFpp6Mde682liCOYmHXEDTKYmSs0s8YNvwSlNIS5ArG1Y3pnEVbKdB4wrTCaWSPWmEdx%2ByJkdAZHKk4WlNcOv%2BJqNoBwYUWQEvPsJ7NGJKji%2FTisSdSXr%2B6bMkpHrTCtW6snWEsp1%2FGn4IlT"}],"group":"cf-nel","max_age":604800}
cf-ray: 7fdd6b31ee3303ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 inpage_linkid.js Show response
irs.taxserv1.com/check_files/ 1 KB
1 KB 77ms
74ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/inpage_linkid.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"491-602530ca5d680-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uNhPzzS9Nv3vupVG4ETYKOpdXJuk0gzunwHMIw%2FS1ejNWhI589oULF1ZTIknvI4cfAiXDQjdUliiTlUEUHbQ3bp%2FkWqUqi9X%2B5cvAYi5%2B95ffrAPkXUSXXhcxpOoeZ7mGNjgqAcI7%2F%2Ftlt%2BiqjqR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b31fe3a03ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtm.js Show response
irs.taxserv1.com/check_files/ 170 KB
60 KB 157ms
154ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/gtm.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cbf260bac255e21bbbb374a973276526f62273e4d435579998cfda0721d050bb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:52:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2a6a6-602530cb518c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hVV9sOqE2oGeEnxUNFjQDuoA%2Fr89SESWqiH3MtFKLMe1vQaz5tvhLLj4jxiPJI62DYH0wJHS1hY3mu1gbmiP%2FK8Qb7TQYi%2BCcBN2gE7TTu3qACqgcmyOI%2B4DJIEMs%2B4jyafnlfZSxBWO0IcXx7PR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b31fe3c03ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ga.js Show response
irs.taxserv1.com/check_files/ 45 KB
18 KB 160ms
156ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/ga.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:52:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"b4c2-602530cb518c0-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VW2LkzuXvanaXcqGLK2mQuezCcJ2j5yVyh9qantJNJfQpQ8DZpqqaerHBLnQ1PT3o69PCAqcolOESocKLgIWjskZXBO1%2F9eCbqOK%2BojtjvqIIPtYy3o4Rb2Zhbzqrn3Xj7exWq7hMmRPMmSDuH6E"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b31fe3d03ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 tags.js Show response
irs.taxserv1.com/check_files/ 94 KB
12 KB 32ms
31ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/tags.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a630d609ed1e7d3b47dfbb9f07f81c73be69dbc35b019d28c0d4cd218525b020

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 562
etag: W/"178c0-602530cc45b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QhTlG2kmBBW11BNs2ymW7weVfSZjC1u4KWTogxyd6zX7Pa7tH7%2FKrNJce5NI%2BbXBJpRUuUWJpNxhJzqh9VrdP2idAY87%2BktIz6dX5uzsxkBNXKxrtD0mQP6U16%2FlmLJsQ5h6wONCOIrJ42rjfPzf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b311ba8694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 foundation6.min.css
irs.taxserv1.com/check_files/ 41 KB
9 KB 37ms
36ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/foundation6.min.css
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09c349050558ce0eb84f8f6f605ee4c027e4c921a16f028de1b82fafd90bc0c8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 562
etag: W/"a528-602530cc45b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6I00D9RGA3%2FfbV5pfPGAs%2FP50lS1Ou8SDvlwOT6wS6hOCdbpWD%2BHcEVTcOjcPJON97DsOMCxv08ETzUD1pUAgNGfqJ%2BrKZpByoJR2WF%2FKTI0HXALME9zMWy5jd7Td54hhUN1Jv%2BpDurTCe0WP9Ti"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7fdd6b311bab694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all_directpay_8.15.0.css
irs.taxserv1.com/check_files/ 41 KB
9 KB 35ms
34ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/all_directpay_8.15.0.css
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7fcb2a42d3af9934615fac75469340624e23fbdc2bf745fb310bc897af23bf73

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 562
etag: W/"a3b0-602530cc45b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ5Rl4K%2BMKRu1HE4jT0r0cQZbMSQ7fcBFocgFDa5MVDQmYxZ%2FPUHpsc8maIS8feCEUTuKeXynpUmxwo1E4LibZvLVJYApEoF8rA0WYGRdKzWEuYBPVzdK5rl4sPcWzd5Mi6oM1l6OgtmkJpCJGNd"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 7fdd6b311bad694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 all_guestpayment_8.15.0.js Show response
irs.taxserv1.com/check_files/ 719 KB
157 KB 44ms
43ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/all_guestpayment_8.15.0.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e1ebe50b3074554dc008d25c77c6cc8376ac7dbfe0d25b3c53804d4360b1869

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 13:32:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 562
etag: W/"b3c4c-602554677dc80-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KYICi5W3pWAr8Ko2NxmsWLaeeC7mjIFVKShk4ZExUHBV9T3qGYSDJhxamq83QJkoc073gnZp3GM7pOBUEylhFSn%2FOgzXao8HUtaWvk%2BO5cmzALWLXDIgq0oqO5ZvMiFeAFZqdWj1BGYo0hGySIE6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b311baf694c-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 analytics.js Show response
irs.taxserv1.com/check_files/ 52 KB
22 KB 167ms
164ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/analytics.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ceb4-602530cc45b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2B%2FGQ%2F000HTLnvfRuG8QgG0CZEHKWyPsgeI4e%2BybNMk%2B9K3vswjunFtUDuAzWfet6zReXUBVkQwqV%2FZXpygg%2BX7brW9eXVyv8Wfm41Rw3h87tvAX9n1kLN5hKS%2BmRCcIfLwgp1QFgSvePirDIp5J"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b31fe3e03ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 irs_logo.svg
irs.taxserv1.com/check_files/ 7 KB
4 KB 72ms
69ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/check_files/irs_logo.svg
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59481b296926f37d85b305c82875a411f50b19f597f8e9eba5f8fbd9443d013d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1d6e-602530cc45b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LWFffu2KHyPdBF9jpMs6xK2ElMiNr2OvYqq3%2B6HyqzSLospnNcbqu8tnCpk29vO5%2BRSOzp2isyViLCMn0hEZtwzIukTQo6z5VbldRsfotmtSRpo8upGFtw05f7yvqN4uAGuAxAtSxgm8DT%2BIllmY"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7fdd6b31fe3f03ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 spinner_sm_030415.gif
irs.taxserv1.com/check_files/ 3 KB
4 KB 77ms
74ms Image
image/gif 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/check_files/spinner_sm_030415.gif
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6128a3c98719237d52c85ca4ba81aea1400d356b9829839e53e84286741c915

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "d64-602530cc45b00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B8YIby%2F%2BZP75xK6fTAuFUY5EgvfOFWGLlh7B8eBvR%2FMlnkKtCVpeqJJXxIvj1aaWGzzibrtAQxytCBv05JdpzPkL7NKDz%2FLEqAsI39QePUXZWX0J5uXXr56XfMmNPZ%2Frea0XhoABHAKCjNYT9GfS"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b31fe4003ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 3428

GET
H3 200 all_paymentlookup_8.15.0.js Show response
irs.taxserv1.com/check_files/ 11 KB
4 KB 75ms
70ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/all_paymentlookup_8.15.0.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0dfb08f59893dd8acaa2fe824dd2fc333a42d9d58bad3b052d992b4ceab37f9c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2c52-602530cc45b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HRWb77XsbOpgKX0gh15XITfOPTS1tUmfyXNOfSozbej2aXMEXxxx6ZvMEFGjgAgzcosz9pz1fo7STyLzbXQ43CmpQqPpwbRA1OukWzJ%2FfzPRGJChXncgw%2Fvcc7BTzEyRq%2BEX0fHKaxL8g0ZInRXj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b317db103ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 icon_x.svg
irs.taxserv1.com/check_files/ 779 B
925 B 79ms
75ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/check_files/icon_x.svg
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41a0e405588336d83dd730d44cf5a2f433485f2eb02e168d3a1b1b9844e55c16

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"30b-602530cc45b00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FNFHnNTR3mjOKp3aCgKRUKBRaCaD9V0Yg5NXYqR12DHnXtxsSScYsEtsj2%2B1b0t0C2nL5O7nQdlTazYADEW8Mwcge24zDOaDSIS3RChcmthI27Ks58FRkr7arhV%2BJ6c0EgXLJGSAOX4XUXfhRcUy"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
cf-ray: 7fdd6b31fe4203ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 embed.js Show response
irs.taxserv1.com/check_files/ 1 KB
941 B 72ms
69ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/embed.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9c2e6760945e3d076f3ad6e778ce24e8b0707eef93a59d12de67e61d469c52d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"450-602530cd39d40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6hx2BRqgfmyLSqBNCedpNBTgclAaMEdsDA0U8OiOdaTOGE0%2BwIOPQYWvWDAGVHJkpTOanymNT5Bc1tbKQruWwDoXs5DgfxE%2Fu%2FGTNBFgthmexp6HFco8Q2X0NdJdRLCS3jqvb2JOuxRHDxf81U87"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b31fe4303ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 generic1691169814255.js Show response
irs.taxserv1.com/check_files/ 390 KB
82 KB 172ms
169ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/generic1691169814255.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92e77aabcff2290be4a0cd8dca9686b0198bf670e29a6ca69f950d3b90d01471

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6199f-602530cd39d40-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94Myr%2FUm0UJ0DbvXoPkE3%2BLQXXgHU6Yky8z9ObMlHE2BosVoXmlbOuf8uj28G6qEpG6UTWX72bj%2F8fMb%2FyFhymgryT64pWzDfVOdPF0JiIdt1O0hGrY8is8DfOwpkEYD%2BJImAU4XKAgnZZOhNyMV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b31fe4503ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.loading.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easy-loading/1.3.0/ 3 KB
2 KB 75ms
30ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easy-loading/1.3.0/jquery.loading.min.js

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981ab63a9bbe045c3f301626f60359b861b6ddd96b5edec8277fc571e1d3d1ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://irs.taxserv1.com
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1154623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1112
last-modified: Thu, 22 Jun 2023 11:06:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1a-458"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zch2jaB2o4ibGo7BNNAyX5nbPlwZbZ19e8eb58vrmbLuT6w0Y9Ae1UsDZ1O03THxuJa6FloGNWbKHqiLrAtgdgMsJ5vPeHePCIa8yCh4CAEBSEjCSumOZvXWLCxOTcA%2BjDfqBtjVmy9dCZol4aginlYM"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fdd6b31ee5b362a-FRA
expires: Sat, 17 Aug 2024 14:59:32 GMT

GET
H3 404 bgBody.png
irs.taxserv1.com/img/ 262 B
262 B 69ms
69ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/img/bgBody.png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/all_directpay_8.15.0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a33e9f5440e70bb8309176f8753cb1ca6eacf399fadb3f7a43af61a79ad361c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/all_directpay_8.15.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yrG%2BOrWkm3ZChBRAJnLd5VaTB7HiCHn6VoNYVQkJBjM5a64OCXEqQdeE3xNTym5FctCzOQkB3PgdvhMLPDH0ExcLVveWBVUH54DLFWePeIpAys88jvFDd4eUFq08Oi4IBb2VXXpf5KloWS9brovr"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7fdd6b31ade003ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 109ms
29ms Script
text/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 13:19:59 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5973
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Mon, 28 Aug 2023 15:19:59 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
61 KB 100ms
46ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TV6CZG

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

63a7d1249ffbd7b264b5e862e321f3aae03760f9d3066dd180fb108fe822bee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61823
x-xss-protection: 0
last-modified: Mon, 28 Aug 2023 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 28 Aug 2023 14:59:32 GMT

GET
H3 404 arrow_right.svg
irs.taxserv1.com/img/ 262 B
262 B 67ms
66ms Image
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/img/arrow_right.svg
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/all_directpay_8.15.0.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a33e9f5440e70bb8309176f8753cb1ca6eacf399fadb3f7a43af61a79ad361c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/all_directpay_8.15.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qU0LAHo3CTL2K5Orn7zBm4c%2BfCCCvjYITcQFGkaUWXz8kG4QWba1cvq6o7JMKvLO8QagXQPAJEWSF9Jc24TmUlVJvd%2FHMsWUXDS3sxygt9iEw8Je8cOrd93BGoQtuRLeGnkZvKNaPw1yR1carzJ"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 7fdd6b31fe4603ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 saved_resource.html Show response
irs.taxserv1.com/check_files/ Frame BAEF 2 KB
1 KB 140ms
139ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/saved_resource.html
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e212c6a9e1ebc5763832310329f7e856cd9919605ed81b9ef8c7d1f17b4437e

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fdd6b322e7e03ec-FRA
content-encoding: br
content-type: text/html
date: Mon, 28 Aug 2023 14:59:32 GMT
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5T%2FnLB6pyb0ETPUxGXaeswn8wJkBQatmPBXVHi6iSKFf5FoKiOD%2FvkUYjuYYy0oadgUWJiv9GW%2BsY1uOkVxNlBv3AyvvcviCOdQsFpfl8JTUuLhv32WBT%2Bi%2FcYNAPIoR0nABV2RXBGR5baT9MvAy"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 HP.html Show response
irs.taxserv1.com/check_files/ Frame AB3B 22 KB
8 KB 141ms
141ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/HP.html
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3a06ea97775687ba13785d739674d655bb8220443fdf159267ff7defc761ef

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fdd6b322e8603ec-FRA
content-encoding: br
content-type: text/html
date: Mon, 28 Aug 2023 14:59:32 GMT
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHTEz7HOriy1klBxypO%2FK6nQCxahcwAmWB6NkGXPLg5mpPnZRqnFTeovggjZAJBl0bxUzP1JHMHRhUCPRL85zuMOM%2BpZhCyq8%2B7hoMvje7zgEaOQsc4waIhptyQnSc4U758ykFssggoJdrpTf6mB"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 216 KB
74 KB 250ms
125ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7b142db4a05d3e2cb0649a4a2e82a4d4b360469725d5a1f51e27b0d5ff1b5700

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 22 Aug 2023 14:02:29 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64e495c5-12752"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
timing-allow-origin: *
content-length: 75602
expires: Mon, 28 Aug 2023 15:59:32 GMT

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 49ms
48ms Image
image/gif 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=259471787&utmhn=irs.taxserv1.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=singlePaymentLookup&utmhid=296490730&utmr=-&utmp=%2F%3FgaPage%3D%255BsinglePaymentLookup%255D&utmht=1693234772909&utmac=UA-42182281-1&utmcc=__utma%3D1.234993974.1693234773.1693234773.1693234773.1%3B%2B__utmz%3D1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1270791086&utmredir=1&utmu=qhAAAAAAAAAAAAAAAgAAAAAE~

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 14:59:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 232 KB
81 KB 38ms
37ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BH2P3PXCDN&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TV6CZG

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

57bfcdfe436a22ff8228329eb486927050aea8430b1072df29b09706d85a5890

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82765
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 28 Aug 2023 14:59:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 72ms
19ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 28 Aug 2023 13:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4509
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 28 Aug 2023 15:44:23 GMT

GET
H3 200 clear.png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
462 B 74ms
73ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear.png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cd39d40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43UJEg%2FbVYetH4zgaymTflyADWdgq48xOsr%2Bs9MN6TwG%2FmGlXdtxoWNF0N3ZT9f5o9iDEVCNE%2BDdCHLH%2BTxgrYOEB8eB3iN14qvS%2BXUk%2Bsad5kPwLM%2FZT6TKxPYFlOz%2FhGcsiJoOXzD7qusAd%2ByX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b332fbe03ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear(1).png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
451 B 67ms
66ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear(1).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cd39d40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjHI3H2mOGsFa3FVsWvEnv4nNN2VNclYC8m2yXUaCr%2FgiBkw1Bl45qxiTEbSxaUjJFnpbfwXvaydoyT%2FsXMCu8CxotO6Xh6%2BhId2Eid7GoQFlJRG7fE6WVW0WQwym5CQ9NaBdEr18fiLGG4R3DXK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b332fbf03ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear(2).png
irs.taxserv1.com/check_files/ Frame BAEF 81 B
544 B 76ms
75ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/check_files/clear(2).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "51-602530ce2df80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JK8vw9c%2BE8tNPduUlXi%2BioNLEYBurwu9P5%2Bu7cAHGO4q6mvzDgzokyUi3jxM6pLy32rXJPlzHtlkjZxwTYqwkXPq2jYRhINllS7o93FYvvCUaZmMXS%2BgRYHQx8e5Ds08uf60acUvLnw8uEqkZMvs"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c8a103ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 81

GET
H3 200 clear(3).png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
455 B 75ms
74ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear(3).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530ce2df80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2BmHeg0HF00YV5Q1aEXy%2Fg0w3c4%2FmFoEgeDZfWTKgLo%2BZ96PwQIbqoXELzWztbMPm74WO7iJCEM2lwo8nqPIQfwb2C6UbLRlAq7%2BrAV%2Feuh2yToT5HdSdCugVueJVUHxXUSuN4aWO0N5wCIWktU2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33986003ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear3.png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
453 B 64ms
64ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear3.png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530ce2df80"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zbbS7BGM3Z6%2B7bFYaMU%2F3ukcC7mnC%2F78I4bboAEWnpyV8i9pWt4f1LoqB1m6sm1nZsv1Ka4lmM9NcX4GBjZ6tuogWD%2B1kvrXZOP3Me3NocHpN%2FUp7xoXgauEZamrTHhK%2FnlOKhsDktSk4AsvwTfd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33a86903ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear1(1).png
irs.taxserv1.com/check_files/ Frame BAEF 0
453 B 65ms
63ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/check_files/clear1(1).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cf221c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MEG8pJ2dlSVNMMtF0hCa2Qm8a%2Bxmnhx%2FRaVXmmPQ%2BX810z2zEiOnmH8KYcLTYETMv7NQpskIQttm%2BhPFbeGzvdbd%2BdxhLPMtYsaGYPA3AxUk4SzDGOd6xn3n0XYoffZJFcfEfkEW4ydeSRkJs69"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c8a203ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear(4).png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
451 B 75ms
74ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear(4).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cf221c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Et1f13eAm5bZ5VRi8JlMPtU7PLWL3cSpPPiz6CFZq91EEB%2FJqIAoVEILRZHF7m2VSfd95dgo42JMFDItFXpg4gKk%2Bk2HKQ45Osg0dNF%2B7LgfYaFvqiJ3aYLxnIJmwlkvLEswUgjy1BVjQs9aWHVG"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c89203ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear(5).png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
448 B 67ms
65ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear(5).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cf221c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MWClw90xfqdfSSe0QrgZAEgOSmKy53Spp09jTQvya8qJ7WioLzEmUKC66kgykhIskuLTrHNUYE3AgSUxIALoQziG%2BtSWvtdOmCCxJeADGWUtcAILhlmoaLg1gvmuW5W8HdZdpOLDfg72eNOFyJR0"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c89603ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear3(1).png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
453 B 78ms
76ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear3(1).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cf221c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zVv%2BS0hhZgpixTBtSvBxXMIJSe6hviqjaQQywBAShJb4oD3nDF8nrUm9IIYzlv%2BGnrf%2FSKleNLzSzu2lx72sW%2BfODF7kYJ5bwpYAs4i3Qo1iqZbtJcWuRU7eW1bN6ethiyZ4O%2FGQSnK54UPqsJbz"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c89a03ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear3(2).png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
451 B 79ms
77ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear3(2).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cf221c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1VOXzg7U%2BbIMUQJnO9krzJuJb2LwVSqcRlUBWe276cOJ0pOAlYn8%2Btxw4XAGRcDJvqKUlCwqCWRQEhaSoS6YhPyouOiWgl2Zqgt652uHQdIrmw8GCTyjVs5f2%2FJt7DGiHu5scZeWBvgpzeoTkCP"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c89c03ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear3(3).png Show response
irs.taxserv1.com/check_files/ Frame BAEF 0
446 B 71ms
69ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear3(3).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530cf221c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1gtrv41kPuuTmyaHqVy3wPNAkLPKosIAB3YgVdvXMuWD8RW338FpJHKYUui1qa9rsix1Q3WOj0vH3WnnPydURsrCu8sGPn2W6Sf5mBJUvXocbBe4tHGn6WjHeql317Fhhqh%2F29AJapVtbHd6DJ2t"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c89d03ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear(6).png
irs.taxserv1.com/check_files/ Frame BAEF 81 B
541 B 75ms
74ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/check_files/clear(6).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "51-602530d016400"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pg4hVpfd8UqpCMY4U6%2BrxNqdFfeYUBN1Pl5sROA%2F84qTlxmR09PM3mKSNwsukQlnPkvP35PHr9dXwrA763zvicnhXvhtXOyhzwxMpdyWiwi%2BwTDIvUy8UVx8LQB6PyrfmefRwse99tY3qVZ0ct5P"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b33c8a303ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 81

GET
H3 200 check.js Show response
irs.taxserv1.com/check_files/ Frame BAEF 334 KB
59 KB 133ms
131ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/check.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38490a4da6ac2cf6bae835c17df8c7598b869875b4702d5217c1679cca5afb3a

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/saved_resource.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"539bb-602530d016400-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkePw6czM7iUG0u1IdmzyjXQAYmJ0zylLiG76I2uuSfsseXj0dH7c96XQocgCNFxJn%2FCQc5GkUH4AmEKtwSPUKOT07dYC59%2B1hTfucC9JjhLlHLvqP%2Bo%2F1qfjp%2FtF2muDcFXg9G4KYUEEDGWqsdH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b33c89f03ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 check(1).js Show response
irs.taxserv1.com/check_files/ Frame AB3B 208 KB
29 KB 102ms
100ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/check(1).js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/HP.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5b933f941205b4184e70eba88803ee586c876433cd6e27f95c69ac987eacfb8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/HP.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"34081-602530d10a640-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tze3qKTFBpduwjVSxhD8IWViYkRyA1OdJkb8rQh929m6hMXbgAqnZH1K%2FZzbSC2SMssWTgTfPnNKAWhJ0p7fpMdjHqSl488ZzpmlYgbC%2FzUM4rliSz1l9aMkcfmP4eudh2%2B5bUIuUyi0cya44osc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 7fdd6b332fc903ec-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 ARF Show response
irs.taxserv1.com/check_files/ Frame AB3B 35 B
469 B 63ms
61ms Script
text/plain 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/ARF
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/HP.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18f2f2901672ec694e98fa40ab95eb48b9c8fbcc10c88c2278cf51681fce7127

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/HP.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "23-602530d10a640"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nt1Cqj8U1qOJCPsf9rr44zhrOmFNc4l6fQq2rB7OAxDrcp0w4m541z%2BGYXYAld5RmSWvGpB7d%2F7UhZt6Sc0OhPgBg6P6hsZ4mEjKZLf9O0GN4WUnFBK%2Foa3c%2FbsyNuDlR8sdeUqW5QWe6kP%2FOp8l"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 7fdd6b332fce03ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 35

POST
H2 204 collect
region1.google-analytics.com/g/ 0
245 B 50ms
18ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BH2P3PXCDN&gtm=45je3820&_p=296490730&cid=707347912.1693234773&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693234772&sct=1&seg=0&dl=https%3A%2F%2Firs.taxserv1.com%2F&dt=Tax%20Refund&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 14:59:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irs.taxserv1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
162 B 67ms
66ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 22 Aug 2023 14:02:29 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "64e495c5-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Mon, 28 Aug 2023 15:59:33 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/94750391/
Redirect Chain

https://mc.yandex.ru/watch/94750391?wmode=7&page-url=https%3A%2F%2Firs.taxserv1.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A334%3Afu%3A0%3Aen%3Autf...
https://mc.yandex.ru/watch/94750391/1?wmode=7&page-url=https%3A%2F%2Firs.taxserv1.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A334%3Afu%3A0%3Aen%3Au...

435 B
518 B

64ms
64ms

Fetch
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/94750391/1?wmode=7&page-url=https%3A%2F%2Firs.taxserv1.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A334%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A903254737587%3Ahid%3A296023496%3Az%3A120%3Ai%3A20230828165933%3Aet%3A1693234773%3Ac%3A1%3Arn%3A1000750135%3Arqn%3A1%3Au%3A1693234773705316338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C54%2C75%2C1%2C0%2C0%2C%2C186%2C0%2C%2C%2C%2C340%3Aco%3A0%3Acpf%3A1%3Ans%3A1693234772483%3Arqnl%3A1%3Ast%3A1693234773%3At%3ATax%20Refund&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

cabcbfa75efbc9230a0037ac6a015b139fd35950fdbd59e3024bf7954a48638d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 14:59:33 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 28-Aug-2023 14:59:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://irs.taxserv1.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 28-Aug-2023 14:59:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Aug 2023 14:59:33 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 28-Aug-2023 14:59:33 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/94750391/1?wmode=7&page-url=https%3A%2F%2Firs.taxserv1.com%2F&charset=utf-8&uah=chm%0A%3F0&browser-info=pv%3A1%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Afp%3A334%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A1093%3Acn%3A1%3Adp%3A0%3Als%3A903254737587%3Ahid%3A296023496%3Az%3A120%3Ai%3A20230828165933%3Aet%3A1693234773%3Ac%3A1%3Arn%3A1000750135%3Arqn%3A1%3Au%3A1693234773705316338%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A23%2C54%2C75%2C1%2C0%2C0%2C%2C186%2C0%2C%2C%2C%2C340%3Aco%3A0%3Acpf%3A1%3Ans%3A1693234772483%3Arqnl%3A1%3Ast%3A1693234773%3At%3ATax%20Refund&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%281%29&redirnss=1
access-control-allow-origin: https://irs.taxserv1.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 28-Aug-2023 14:59:33 GMT

GET
H/1.1 200
OK clear.png
info.directpay.irs.gov/fp/ Frame BAEF 81 B
475 B 965ms
160ms Image
image/png 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&ck=0&m=1

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 ls_fp.html Show response
irs.taxserv1.com/check_files/ Frame 0362 90 KB
14 KB 71ms
71ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/ls_fp.html
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56551fdf18226201a072c40d241b7d4a1cd314331974c1f7a97af6ceb386436f

Request headers

Referer: https://irs.taxserv1.com/check_files/saved_resource.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fdd6b34b9e103ec-FRA
content-encoding: br
content-type: text/html
date: Mon, 28 Aug 2023 14:59:33 GMT
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7wfa%2BfcrLojYXo4p4wrTp1W0N5NCQNTCiZYcuNtYutkHwgSYjyCKmYumhKnYtY0le2JK6WXB9qug%2FvD3E48%2FS0bl01w%2FTeGtlp8nKlspaTq%2BwqTRD1JDMQiEaun2m%2FgcTqMV9bnezMXtUAf0QF1a"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 sid_fp.html Show response
irs.taxserv1.com/check_files/ Frame FAB8 103 KB
15 KB 75ms
74ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/sid_fp.html
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a669be2f9c08962e3220e1b746277ed0ccbbfd03334a1f01fcdec86aa89b423

Request headers

Referer: https://irs.taxserv1.com/check_files/saved_resource.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fdd6b34b9e203ec-FRA
content-encoding: br
content-type: text/html
date: Mon, 28 Aug 2023 14:59:33 GMT
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nkZW0OQ4JBDThvirIB0wdZ98SU5u1rkdugsUjFOgU%2FlB7Ues2Nky59dDy3uvSkRTKEVJu3YCFHIVpbl0e%2FSV4fT%2BXf84WcGdlOfQ9CLVdMi5IyqrnpAuVZWAD0%2F3C0IdD8Necc%2B9RxpJzB4XvKLW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H3 200 top_fp.html Show response
irs.taxserv1.com/check_files/ Frame A61F 90 KB
13 KB 68ms
68ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/top_fp.html
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/saved_resource.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46085f5956a67773b659f5527032cd73c05c5a9d988ace30f82b07a47e6314ac

Request headers

Referer: https://irs.taxserv1.com/check_files/saved_resource.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7fdd6b34b9e303ec-FRA
content-encoding: br
content-type: text/html
date: Mon, 28 Aug 2023 14:59:33 GMT
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaoKqsjOSURoD3hoYwGE3p33wErKyMu3aWooTxqvnn6pnPUS6dqOAl1lEIHhZLgT6b9%2BG7a8NaWowc0jZadgt4v8ZEeRcrOK%2BCTTjuOcyMNA1wa4MQJ68jkGX3aDLKsfnKpyZoyevzbl8ejE7AK4"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 204
204 ARF;CIS3SID=87098F8A056B78B593C2EFB0261BCCA4 Show response
info.directpay.irs.gov/fp/ Frame AB3B 0
407 B 787ms
163ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/ARF;CIS3SID=87098F8A056B78B593C2EFB0261BCCA4?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&pageid=99998&sera_parametere=AkUNWQlXBA0ABwxWB1UHX1FRBw9UAwcBW1AHBVUBBA9RUwddBQVUDFhSDUJFFw1QCkVFTEIRBHEcUndBASAVC1RfQ11dUVpQVxFGQQUgFQ4mBRUPdREFBVEKRhBFQQN9QQJyHQZwEVFQWABRUFEAXwUEA1oFUQZTD1BXXFQCUVgAA1RbBgMOVglVVAVSVAYAXVcWVl5aVFAEAQBUDlUEDlEMVQ1VAlMFAENfFwtUSA5dBwcJBg1VUVsAUQZXBlIABwYFAARQBw0IVARRUFwAWlxUVV1TB1UTWAwIVQZRBA1CXFkFHAURRVBYDF0PXQgfDF4NHlMJdF1LClgBEAZGBFUEBh5TW0QIbgxbAFkTQx8HVw1MVU5oVlgJWQZXB1sfAUENDQE%3D&count=0&max=0

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check(1).js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 clear(7).png Show response
irs.taxserv1.com/check_files/ Frame 0362 0
451 B 70ms
69ms Script
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://irs.taxserv1.com/check_files/clear(7).png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/ls_fp.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/ls_fp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: MISS
last-modified: Mon, 07 Aug 2023 10:53:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "0-602530d10a640"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blJD003okREFVPF5tmaeUjTLikM2rSeqx7X%2FcINnv%2Br%2BnSPDof2wd5xTdJfcvher3rwk2mbfivg5XbgnwWnbes1MAi24FyMisthgu0L%2FEvumbnHCpvI5WMoF%2FECtLmpDRnJt7kLSim4JdfoFACU3"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b359b3e03ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 clear1.png
irs.taxserv1.com/check_files/ Frame FAB8 0
455 B 30ms
30ms Image
image/png 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irs.taxserv1.com/check_files/clear1.png
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/sid_fp.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/check_files/sid_fp.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

date: Mon, 28 Aug 2023 14:59:33 GMT
cf-cache-status: HIT
last-modified: Mon, 07 Aug 2023 10:52:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 168
etag: "0-602530ca5d680"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vuxD7abgFiQLE56GzLJovUfTCw55FBvrNY3fTZpTGGGWfwO0gyBoTDx%2BQIxFmd1FC72D6QZyTfqs5xTdX%2BZEwz8rJ05iBJ1sznaWc0Ygsd1roBExThtPf33UJRiL1Bu0Cm%2F3bpyzw9m7Y5XBB8Ao"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7fdd6b359b4403ec-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 204
204 clear1.png;CIS3SID=A4F5A93508C42A24D5741029D3280383
h.online-metrix.net/fp/ Frame FAB8 0
401 B 53ms
14ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=A4F5A93508C42A24D5741029D3280383?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jf=363136267b69645d726c663f7464725f4a5661327b53606b7376785a6b38716524736b6457646176653f3334393332333c35373124716b665f76797067357765603a67636c736124736b665d6b65793d3b32353b313233313034303730693836363861653b64303030333234303832613034343a6167316630313031323f3033363232303834646338616366653164646961333a30313464373a383660306439616435626c34656165303635633164356c66653432313733373b303961396132343563653f61666038613067363539396c3a36633164343630606163643d6336636132653d31623b33633435666566383e37373b363a333261353264633c6635633032626b33267169665d7169673d33383634323030323537613530613c3632343560313c37613a64343b33373534623b3b623531603a3b35306533336e3538663864383962366039323137316534383f6734603633673232303032356e64613b6167613066376666636036616362396937346460303a3a316435643a6d3463326234666d32353164303533373463356d36663a3136643665366626716166723f31

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/sid_fp.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:33 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame 0362 0
388 B 676ms
161ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jf=3136246c7b623d613933343a39616131386736363a3b373b39633832603f6164666567616b6334

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/ls_fp.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK check.js;CIS3SID=B3013920B835BAB967DD5A4230FDA9B8 Show response
info.directpay.irs.gov/fp/ Frame 2A0A 335 KB
60 KB 170ms
170ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/check.js;CIS3SID=B3013920B835BAB967DD5A4230FDA9B8?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jb=3739242662736f773d556b6c646f77732e68736d3f556b6c646d7773273a3031322668736a753d4168706d6f65266a736a3f436a706d6f6725303031333e

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/tags.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

9f0dd60c7aa8869201f7998df6d4901a59151a79cce43515042964cbd4312b10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
tmx-nonce: 7488ee16070a2907
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
info.directpay.irs.gov/fp/ Frame 2A0A 81 B
474 B 160ms
160ms Image
image/png 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&ck=0&m=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK clear.png
info.directpay.irs.gov/fp/ Frame 2A0A 81 B
474 B 161ms
160ms Image
image/png 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&ck=0&m=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 generic1691169814255.js Show response
resources.digital-cloud-gov.medallia.com/wdcgov/20103/onsite/ 390 KB
84 KB 94ms
21ms Script
application/javascript 23.60.201.14
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.digital-cloud-gov.medallia.com/wdcgov/20103/onsite/generic1691169814255.js
Requested by: Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/embed.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.60.201.14 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-60-201-14.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 92e77aabcff2290be4a0cd8dca9686b0198bf670e29a6ca69f950d3b90d01471

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
date: Mon, 28 Aug 2023 14:59:34 GMT
last-modified: Fri, 04 Aug 2023 17:23:35 GMT
server: AmazonS3
x-amz-request-id: XDAPD3BCR6KR7RBQ
etag: "7357181ac346e7bea5342fbd47cb3a1a"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 85427
x-amz-id-2: OZFC30ZLDuLPc/ZfQypo8pJQbTwCOOtzFx/vZ4e4xrWfmhBgSZGxYuwKF31Bm5uo9awDNqV57w8=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
146 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=296490730&t=pageview&_s=1&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774165&_u=aCDCiEABBAAAACAMI~&jid=1841806511&gjid=66269448&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&_slc=1&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=1895800275

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://irs.taxserv1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 14:59:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irs.taxserv1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
346 B 90ms
21ms XHR
text/plain 2a00:1450:400c:c07::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-62608137-8&cid=707347912.1693234773&jid=1841806511&gjid=66269448&_gid=225153176.1693234773&_u=aCDCiEABBAAAAGAMI~&z=1256498505

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://irs.taxserv1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Aug 2023 14:59:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://irs.taxserv1.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 19ms
19ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=2&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774170&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=1062270532

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=pageview&_s=3&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774172&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=2132191318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=4&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774175&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=630974887

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
19ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=pageview&_s=5&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774178&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=1172430965

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=6&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774181&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=2029362029

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 21ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=pageview&_s=7&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774183&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=77538505

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 21ms
21ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=8&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774185&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=404569050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=pageview&_s=9&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774188&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=104717895

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 21ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=10&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774190&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=1408760421

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=pageview&_s=11&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774194&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=287160288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 21ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=12&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774198&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=1473189735

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 20ms
19ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=pageview&_s=13&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774201&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=285532295

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 21ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=14&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774203&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=517227073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Aug 2023 21:26:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63191
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=pageview&_s=15&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774205&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=542378622

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 04:38:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37275
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=296490730&t=event&_s=16&dl=https%3A%2F%2Firs.taxserv1.com%2F&ul=en-us&de=UTF-8&dt=Tax%20Refund&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Language&ea=LanguageSet&el=DP%20setting%20language%20to%20English&_utma=1.234993974.1693234773.1693234773.1693234773.1&_utmz=1.1693234773.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1693234774209&_u=aCDCiEABBAAAAGAMI~&jid=&gjid=&cid=707347912.1693234773&tid=UA-62608137-8&_gid=225153176.1693234773&cd8=English&cd1=(not%20set)&cd2=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F116.0.5845.110%20Safari%2F537.36&z=1547051400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 04:38:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37275
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
info.directpay.irs.gov/fp/ Frame E0FB 19 KB
6 KB 163ms
163ms Document
text/html 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=d50814759e5d6d09&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a51dcc786db972511f28b7d9c1988cdd218688759999e84b6c46d22965a35ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: nl-NL
Content-Length: 5796
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
info.directpay.irs.gov/fp/ Frame BAEF 81 B
532 B 501ms
165ms XHR
image/png 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 2febmm50/d50814759e5d6d09c0bd800c5c334ea482427b22dcea7941
Referer: https://irs.taxserv1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 28 Aug 2023 14:59:34 GMT
Server: Apache
Etag: f85aecce5c9c4d1ba01819c2b81af86a
Content-Type: image/png
Access-Control-Allow-Origin: https://irs.taxserv1.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sat, 26 Aug 2028 14:59:34 GMT

GET
H/1.1

204
No Content

clear.png Show response
h.online-metrix.net/fp/ Frame BAEF
Redirect Chain

https://h.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&gttl=155520000
https://h.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&k=2

0
387 B

14ms
13ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 0

GET
H/1.1 200
OK ls_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED Show response
info.directpay.irs.gov/fp/ Frame B986 90 KB
13 KB 164ms
164ms Document
text/html 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

1a071a549202c49b253b1fd97eff694192d632d9af15bc61843e3701430d42bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame BAEF 0
388 B 163ms
163ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jb=3136246c7b613d613933343a39616131386736363a3b373b39633832603f6164666567616b6334

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED Show response
h.online-metrix.net/fp/ Frame 5C86 103 KB
15 KB 30ms
18ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

7d2f687307f75cc5c9d008863b428130ffe153bfd2d8644eb5bff97f209cdf5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED Show response
info.directpay.irs.gov/fp/ Frame 3E88 89 KB
13 KB 258ms
164ms Document
text/html 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/top_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

78cc2f3a4c1e4cbe3dc0a28cf51b113d0167ddd8ead8da6c0f28c2ad5774e372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
info.directpay.irs.gov/fp/ Frame BAEF 0
218 B 295ms
167ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&ja=333831362e26633f363224783d3630266e3f313432327a3332323026636e3d31343032783932303226717a7b3d3078302e6670703f332e333632302c333a30302e313430382c313030322e333630302c393030322e333432302e313232382c302e30246d7c3d613a38306360636463373f66646466643b67613a3431333c373034623b613f61266f6e3f36247363643d3a36266e6a3f6a767472732531492532442530466172732c74637a716572763126616f6f273044616867636b5d6e696c677327324e73617465665d7065736f757a61652c6a766f6e26726c3d312e70683f373a663a38616336606164626531313b6037313a35636730663362666a326436266a683565343b66676163666136616d3b38323231323a35343765373030666062343631266a716f3f556b6e646f777b2732323332246873603d436a7a6f6d67253030393136246a716d773d57696e6c6d777124687160753f436870676d65246e6a633534266c646f3f3a266e6d74783f30247678663f4577726f726d253244416f737c657266616f246f61746872353630323166336132606563323a6536616337363830383061663337353430316e6634373a3a3336316636656369323466633b34696662663730313333313936692464703f6a767670712533432d3246273244697a732e76617a71677276312e6b6d6d27304424723d726c7565616e5f646c63736025354766636e716521706c7d65696c5d756b6c646d77735d6565646b615d70646179677227374766616c736d23706e77656b6c5f63646f606d5f6161726d62697425374564636e736521706477676b6c5d737769616b746b6565253745646164736523706e7765696e5f73606d636975637467253745666364736523706e756f696e5d7267636e706c61796d7025374764636e736721706e7d67696c5f746c6b5f706e617b677025354566696e736723726e77676b6e5f666d76616e7670253d4566636c716723706c7567616c5f7174655d7469677765702d354564616e736d21706e75656b6c5f6a61766927354764636e716524676c5d6b3d776762656c5f6562454c273032312e30253a32284d72676c454c273230475b253232322c302d32304168706d6f69756d295f6762454e273032474e534c273a304551253030392e302732322a4d70656e47442732324751273030454c534e2d32304753273238312e322530324168726f6d61776d2b556760496976576560436974273232576d62474e414c454e455f696e7b76616c6167665d617072617b7b2533402530304d58545d626e676c645f6d69666f617a27314027323245585657636f6e6f705f6a75666465705d6a616c665f6e6e6f6376273140253030455a5c5f666e6f637457626c676e662731422532304d5a545d647063655f66657076602533402530304d58545d736a636665725f746d7a747770675d6e6f662533402d32304758565f7c6578767570675d636f6d707a6773716b6d6c5d62727463273b4225303047585c5f746778767770655f636f6572726771716b6d6e5d7267766b2533402530304d58545d74677a767572655f6e6b6c7667705d636e6b736f767a6f706b6327334a253232455a565d735247422d31422730324d47535d656c6765656e765f6b6e6c65785d756b6c76253342253a324f47515d64606f5d72656c6c65725d6d6b706561702733402730304f4553577174636c666370645d646570617661766974657b2533402530324d45535f746d7a747770675d646c6d6174273b422530304d455b5f746778767770655f666c6763745d6e6b6c6761702533402d32304d45515f7c6578767570675d68616c6657646c6d63762731422732304d4d535f76657a747d72655d68636e645f666c6f69765f6e6b6c676372273342273a304f47535d766d727467785d63707261795f67606a676176273142273230554d42474e5f616f646f725d6277646465725f66646d61762731402732325745404f4c5f616f6f707a65737165665d76657874757a675f637176612733402532325f4542454c5d63676d707065717167645f746570767570675d677663273342273a30574742454c57636f6f707067717365645f7c6778767770675d65766331273b4225303055454a474c5d636d6f72726573736d665f76677a767772675f73317c63253142273238574540474e5d616f6d70726d717367665d7667787675726757733376635d737a67622733402730305745424f4e5f66676077655f70656e666d7265705f6b6e6e6f25314227303257454247445d646772766a5d74677874777a65253142273238574540474e5d667261775f6a7766646770712733402532325f4542454c5d6c6773655d636d6c76657874253b40253032554740474e5f6d776474695d6470617f313624676e5d6a3d3366663d6666643635363264666334323f6536306267306d37346632373736363130346c3632373b2475656c743d496c7c656c2732324966632e2477656e703d496e746d6e2530324b706b732732304d78656e454c273238456e65696c67246363643d39&jb=3335372664713d4f6f786b6e6c6125324e372e322730322a576b6e646d7f732530304c542d323033302c3227334225323855696c34362731422732307a3e34292732324178706c6757676049697425324e3733352c3134273232284b4a5c4d4c273241253a306c6b6b67273030476563636d29273032416a726d6d65273a463133362c3026353836352c3333302532305b636663706b2730463733372c3b36

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
2febmm503oly67rfhpz3pxxuui4jdqgon5tco342d50814759e5d6d09sac.d.aa.online-metrix.net/fp/ Frame BAEF 81 B
438 B 1405ms
164ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2febmm503oly67rfhpz3pxxuui4jdqgon5tco342d50814759e5d6d09sac.d.aa.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 3b85260a-5f15-4284-99a5-7271fc304fdc
https://irs.taxserv1.com/ Frame BAEF 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/3b85260a-5f15-4284-99a5-7271fc304fdc
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
BLOB 200
OK 7af36b01-cf86-465d-a745-742520dde36e
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/7af36b01-cf86-465d-a745-742520dde36e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 101a3c74-bf20-4de8-90db-855f11d9fa4d
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/101a3c74-bf20-4de8-90db-855f11d9fa4d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK e0343e7a-f30f-4072-baa7-dba2161ae03b
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/e0343e7a-f30f-4072-baa7-dba2161ae03b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK e9bce68b-8cec-48d7-8f25-e6c64648c047
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/e9bce68b-8cec-48d7-8f25-e6c64648c047
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 317de07e-765c-4182-b22f-ed27c2e30bbe
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/317de07e-765c-4182-b22f-ed27c2e30bbe
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK abd402d0-c10a-46ec-9c47-39036f21e28c
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/abd402d0-c10a-46ec-9c47-39036f21e28c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK e5596ec1-366b-455c-ab85-4c90db16a42b
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/e5596ec1-366b-455c-ab85-4c90db16a42b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 7912e470-f0af-4442-a5d0-a68f4dd901e2
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/7912e470-f0af-4442-a5d0-a68f4dd901e2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 243a76d8-9c54-4ffc-b215-03bc36f6f66d
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/243a76d8-9c54-4ffc-b215-03bc36f6f66d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 94a8e0f0-7d89-4fe2-b812-0228329769c7
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/94a8e0f0-7d89-4fe2-b812-0228329769c7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 8f2a7414-0da4-4223-90da-75b912247830
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/8f2a7414-0da4-4223-90da-75b912247830
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 236d3720-bf86-4350-a9f2-9320223b2917
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/236d3720-bf86-4350-a9f2-9320223b2917
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 6b4df623-b622-418e-919e-97ba48753712
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/6b4df623-b622-418e-919e-97ba48753712
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK d8982703-9717-4d2e-84c2-1a816972f758
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/d8982703-9717-4d2e-84c2-1a816972f758
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK ce8bc85d-7f25-46a6-92ef-6cc4eb576050
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/ce8bc85d-7f25-46a6-92ef-6cc4eb576050
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK aad08eba-ce81-4672-8b53-89049da30101
https://irs.taxserv1.com/ Frame BAEF 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/aad08eba-ce81-4672-8b53-89049da30101
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK e35c2bd1-8bac-4b56-a32b-0424eea01b78
https://irs.taxserv1.com/ Frame BAEF 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/e35c2bd1-8bac-4b56-a32b-0424eea01b78
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 537078cdd8337f9fe67bba7e6cfac79df68f39a160a10827d625261bbeeaf921

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1357
Content-Type: application/javascript

GET
H/1.1 200
OK check.js Show response
info.directpay.irs.gov/fp/ Frame E0FB 208 KB
29 KB 173ms
172ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/check.js?&pageid=99998&session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=d50814759e5d6d09

Requested by

Host: info.directpay.irs.gov
URL: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=d50814759e5d6d09&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

ca9e077c8eaeeabdf51be4d17094cbf9a2567667cfb8b82fc455aecb0a6673ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=d50814759e5d6d09&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: d50814759e5d6d09
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=96
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK HP Show response
info.directpay.irs.gov/fp/ Frame 40C5 19 KB
6 KB 163ms
163ms Document
text/html 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=7488ee16070a2907&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: info.directpay.irs.gov
URL: https://info.directpay.irs.gov/fp/check.js;CIS3SID=B3013920B835BAB967DD5A4230FDA9B8?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jb=3739242662736f773d556b6c646f77732e68736d3f556b6c646d7773273a3031322668736a753d4168706d6f65266a736a3f436a706d6f6725303031333e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

2433e3c8e676154df0bead80045af38e1b0075cef6f6152a52f58df46d5d0ee5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: nl-NL
Content-Length: 5796
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
info.directpay.irs.gov/fp/ Frame 2A0A 81 B
531 B 308ms
164ms XHR
image/png 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 2febmm50/7488ee16070a2907c0bd800c5c334ea482427b22dcea7941
Referer: https://irs.taxserv1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Mon, 28 Aug 2023 14:59:34 GMT
Server: Apache
Etag: 2003baef9b9046dbb547ac6f5747bd8f
Content-Type: image/png
Access-Control-Allow-Origin: https://irs.taxserv1.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 81
Expires: Sat, 26 Aug 2028 14:59:34 GMT

GET
H/1.1 204
No Content clear.png Show response
h.online-metrix.net/fp/ Frame 2A0A 0
387 B 14ms
14ms Script
text/javascript 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&gttl=155520000

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ls_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF Show response
info.directpay.irs.gov/fp/ Frame B0C5 90 KB
14 KB 164ms
164ms Document
text/html 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

52806ae20a2ecd4944e5db73778df04d99e0922c65975a34e0cbbfc1d30a90bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=98
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame 2A0A 0
387 B 161ms
160ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jb=3136246c7b613d613933343a39616131386736363a3b373b39633832603f6164666567616b6334

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK sid_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF Show response
h.online-metrix.net/fp/ Frame 2028 103 KB
15 KB 17ms
17ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

7e67eb328695d2ff7528a6729a1cf156d59d918b6405ac8c77f5c3452081e7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK top_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF Show response
info.directpay.irs.gov/fp/ Frame A46E 89 KB
13 KB 164ms
164ms Document
text/html 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/top_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

fd1d6010ba0dd70844cc60bb85fb0378b452c43985b0b4ebe45d00694b5a9f2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Mon, 28 Aug 2023 14:59:34 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 clear.png Show response
info.directpay.irs.gov/fp/ Frame 2A0A 0
219 B 162ms
162ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&ja=333832332e26633f363224783d3630266e3f313432327a3332323026636e3d31343032783932303226717a7b3d3078302e6670703f332e333632302c333a30302e313430382c313030322e333630302c393030322e333432302e313232382c302e30246d7c3d613a38306360636463373f66646466643b67613a3431333c373034623b613f61266f6e3f36247363643d3a36266e6a3f6a767472732531492532442530466172732c74637a716572763126616f6f27304424706e3d332478683d353864323061613462616460653131336a35333a3563673264316264603a643424686a3d6d3439646561636461366165313a303231323a37363565353a386662603634392e6a736d3d556b6c646f77732d30303332246871623f436870676d652732323139362668736d773f57696e6467757324687160773d4168726d6565266c68613d3c266e666d3f3a246e6d74703532267678663f4775706f70672d3246436d71746d7264636d246f637468723d3c3230316633613062676330306d3663613534303838326364333737343031666c36353a3a33363364346561633a3464613936616e62643532313331313936612e66723f6a76767273273341273a462530466b727b2e74637871677076312e63676f25304424723f706e75676b665f666e6171682d354564616e716721706c756f6b6e5d756b6c666f75735f6f6d6469635f726c6979657025374764616c736529726c77656b6c5d61666f6267576163706f60617c25354766636e716521706c7d65696c5d73776b636974696f6d25354766636c7b6521726c77656b6e5f736867616b7563746727354766616e7b6521726c7767616e5f7065636e726c6179657a27354764636e716523706c776f696e5d766e6357706c63796770273545666164716523726e7765696c5f64677e616c747227354d66616e736723726c756769665d7374655d746b65756572273d4566636c716529706c77676b6c5d6a6176612d374564636e716726656c5f6135776560676e576d62474e253032332e302532382a4f72676c454e25303045512d3230302e32253a30436a726d6f6b756d29576d60474e273032454c514c25303845532732323126302530302a4d72656e474c2d30304751273032474e534c273a304551253030392e30273232416a726f6d697d6f29556760496b7455656249617425303055656a474c434e454e475f696e737c636e6167665d6372706179712d33422732324550545f606c676c665f6d696e6563782731402730304758545d6b6f6c6d725d627d666667725d6a636c665f66646d617627314027323245585657666c6d61765f6a6c656c642731402532304550565f647063655d646770746a2d33422732324550545f7168636667725f746570767570675d6e6d64273342273a30455a545d746d78747772675d616f6d70726d71736b6d6c5d6070766325314a253232455a545774657a747770675f636f6d78706571716b6d6c5f706774612d33422732324550545f76657a767772655f66616e7467705d636c69716f7470677069612531422d32304758565d71524742253b402530324d47515f676c656f6d6e745d696c646d785f77696c762733422532384d45515d64606d5f70656e666d725f6f69726d69702531422730324f45535f7b76616c666370665f6665726b7e61746b7667732d33422732324d47535f746570767570675d646e6f637425314a2532324f47535774657a747770675f666c6f69765f6e6b6c676372273342273a304f47535d746d78747772675d6a616c665f6e6e6f63762731402530304f475b5f74677876757a655f6a616e645d666c6f617c5d6c6b6c6763702531422530384f45515f74657a74657a5f63707061795f6f6a6865617627314025303057474a474c5d636d6c67725f6075646467725f666c67637427314027303055454245445f636d6d72726d737367645d7667787475726d5d61717661273142273230554d42474e5f616f65707267737167665f7465787c7772675d677661253142253038574540474e5f6b6f6d727267717165645f746d7a747770675d6774613125314a2532325747424f4c5f616f6f7270657373656c5d74677a767770655d7333766b2533402530305f4542454c5d616d6d7072657b7165665d76677a747772655d7b3374615f71726f6225314227303257454247445d64676077655d72676e64677a65725d696c6667253340253032554542474c57666572766a5d76657a7475706d2533402530305f4542454c5d667061775f627d6466677071273142273230554d42474e5f6e6f7b655f616f6c7667787425334a273232554740454c5d6d756e7c695f66726377393626656c5d6a3f336666356c6466363536326664613430356d3632606532653f34643035373634313034643c30353b2475656e763f496e766d6c2530304b6e6b2e2675676e703f496e7465642732324b706b712530304f726d6e474e2530304d6e676b6e67246163643d31&jb=3335372664713d4f6f786b6e6c6125324e372e322730322a576b6e646d7f732530304c542d323033302c3227334225323855696c34362731422732307a3e34292732324178706c6757676049697425324e3733352c3134273232284b4a5c4d4c273241253a306c6b6b67273030476563636d29273032416a726d6d65273a463133362c3026353836352c3333302532305b636663706b2730463733372c3b36

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK clear.png
2febmm503oly67rfhpz3pxxuui4jdqgon5tco3427488ee16070a2907sac.d.aa.online-metrix.net/fp/ Frame 2A0A 81 B
438 B 1101ms
174ms Image
image/png 192.225.158.3
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://2febmm503oly67rfhpz3pxxuui4jdqgon5tco3427488ee16070a2907sac.d.aa.online-metrix.net/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&di=yes

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.158.3 , United States, ASN30286 (THM, US),

Reverse DNS

d.aa.online-metrix.net

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame B986 0
387 B 237ms
161ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jf=3136246c7b623d6363346733373937656a373436336464633067363332313638603967323e3133

Requested by

Host: info.directpay.irs.gov
URL: https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:34 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK e394f00f-3ae4-48a1-9512-d48ce591ea7f
https://irs.taxserv1.com/ Frame 2A0A 0
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/e394f00f-3ae4-48a1-9512-d48ce591ea7f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 0
Content-Type: application/javascript

GET
BLOB 200
OK e5b97910-5b39-4170-bc90-17831637f631
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/e5b97910-5b39-4170-bc90-17831637f631
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 6cc6169a-2639-448e-8561-97e9e6dd2a59
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/6cc6169a-2639-448e-8561-97e9e6dd2a59
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 67e055e1-7118-4aa7-8b34-a6fb6638ef0e
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/67e055e1-7118-4aa7-8b34-a6fb6638ef0e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 215d6f93-705f-4508-b631-5650695d76d4
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/215d6f93-705f-4508-b631-5650695d76d4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK ca48250d-832c-40ec-a0d9-7eb8f32bc962
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/ca48250d-832c-40ec-a0d9-7eb8f32bc962
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK c00ee7f1-2d9e-4999-8764-dbc5ae3e46f4
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/c00ee7f1-2d9e-4999-8764-dbc5ae3e46f4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK edef4412-06e0-4224-bb07-baae20ed443f
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/edef4412-06e0-4224-bb07-baae20ed443f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK ef795055-6f4b-4083-b960-e945ad96e318
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/ef795055-6f4b-4083-b960-e945ad96e318
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 738acbc7-179b-40c8-995a-6c21b8f92546
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/738acbc7-179b-40c8-995a-6c21b8f92546
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK a6356aaa-7e0e-4074-a90e-954fe6b1ae7b
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/a6356aaa-7e0e-4074-a90e-954fe6b1ae7b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK b072121b-050d-41f8-b7ff-6282745125a7
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/b072121b-050d-41f8-b7ff-6282745125a7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 1db5498f-175f-45c5-b3ab-95bad3058435
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/1db5498f-175f-45c5-b3ab-95bad3058435
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 20f3e3bb-31e0-4a74-8bc9-e06331fbb652
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/20f3e3bb-31e0-4a74-8bc9-e06331fbb652
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 1196f5b7-c55e-4bbc-84de-c2cbb1c5456d
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/1196f5b7-c55e-4bbc-84de-c2cbb1c5456d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK 61702b22-96b5-49e5-ab11-1657f44be37f
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/61702b22-96b5-49e5-ab11-1657f44be37f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK cb05b0a1-bd87-4440-b015-d93a4167137f
https://irs.taxserv1.com/ Frame 2A0A 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/cb05b0a1-bd87-4440-b015-d93a4167137f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1720
Content-Type: application/javascript

GET
BLOB 200
OK bacbc137-1db5-413d-bc6b-848e459eefb7
https://irs.taxserv1.com/ Frame 2A0A 1 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://irs.taxserv1.com/bacbc137-1db5-413d-bc6b-848e459eefb7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ec7223e9660854efef1f7533cdc046d87ca4ba8f70f08c1b0a3dc51d55df5af

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Content-Length: 1357
Content-Type: application/javascript

GET
H/1.1 200
OK check.js Show response
info.directpay.irs.gov/fp/ Frame 40C5 208 KB
29 KB 173ms
172ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/check.js?&pageid=99998&session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=7488ee16070a2907

Requested by

Host: info.directpay.irs.gov
URL: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=7488ee16070a2907&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

675c55cc96f0438718582da1d4e3b5446c6c716298b64a6e15c872e4fbd77af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=7488ee16070a2907&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: 7488ee16070a2907
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame BAEF 0
387 B 163ms
162ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jac=1&je=303432262e6a666c3d31246866683d39313431353364606439353337673b3637606135353c62623139606136326338266264746c3f32383333373a3324786d3d6c6f2462697473763d2735402532326c6d74656e273030273343312e32382532412530327b74617675712730322533412d3032616a637065696c6725303a2537462663756c683d616135603b6536653630336361636134643263376333313239313631343e6235613333353b36623464306664363a343232333a6665366e3033646366383c353924657a313f663165653d3b63636435373334353736376c32343b3334373d323467393064646362383139316163

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED
info.directpay.irs.gov/fp/ Frame BAEF 0
400 B 163ms
162ms Image
image/png 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.directpay.irs.gov/fp/clear1.png;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jf=363136267b69645d726c663f7464725f6472594433514a61306a77794038376424736b6457646176653f3334393332333c35373124716b665f76797067357765603a67636c736124736b665d6b65793d3b32353b313233313034303730693836363861653b64303030333234303832613034343a6167316630313031323f3033363232303834646338616366653164646961333a30313464373a383660306439616435626c34656165303635633164356c66653432313733373b303961396132343563653f61666038613067363539396c3a36633164343630606163643d6336636132653d31623b33633435666566383e37373b363a333261353264633c6635633032626b33267169665d7169673d333836343230303236353432653a3a39333b3966336b30386465323a63386434306a6463376437366035353366633e3639606332633a39323666663230383130393b3335336131663232303034303d3865316166313f3732313935323b6231653930333263343b663533616336633e3537616633366964323331363661636239333d3437613060306035676626716166723f30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame B0C5 0
387 B 167ms
166ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jf=3136246c7b623d6363346733373937656a373436336464633067363332313638603967323e3133

Requested by

Host: info.directpay.irs.gov
URL: https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://info.directpay.irs.gov/fp/ls_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=72C2464500666FD7693A6DD8505028AF
info.directpay.irs.gov/fp/ Frame 2A0A 0
400 B 164ms
163ms Image
image/png 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://info.directpay.irs.gov/fp/clear1.png;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jf=36313a267b69645d726c663f7464725f654654464f516f4a65563453555d6e6624736b6457646176653f3334393332333c35373124716b665f76797067357765603a67636c736124736b665d6b65793d3b32353b313233313034303730693836363861653b64303030333234303832613034343a6167316630313031323f3033363232303834646338616366653164646961333a30313464373a383660306439616435626c34656165303635633164356c66653432313733373b303961396132343563653f61666038613067363539396c3a36633164343630606163643d6336636132653d31623b33633435666566383e37373b363a333261353264633c6635633032626b33267169665d7169673d33383636323030333230663639353a6563376364393031373462316132343234376d3b3567373a356639316434673c6564313761613133353264346732316633316937323332676436633232323338306364313a303a6432373630646063643032313b3567673b636461646532373e32643a3663393a30376134343561373538393a34303b6763616362673963303b3026716964723530

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=F4B5C4732E7D919A0B626353E4BD5185
h.online-metrix.net/fp/ Frame 5C86 0
400 B 17ms
16ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=F4B5C4732E7D919A0B626353E4BD5185?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jf=36313a267b69645d726c663f7464725f5931466541697850344e3745344c785424736b6457646176653f3334393332333c35373724716b665f76797067357765603a67636c736124736b665d6b65793d3b32353b313233313034303730693836363861653b64303030333234303832613034343a6167316630313031323f303336323230383432356437373a393336636b31313733616434633062613630623333333b363f33393065606364653336653e37633764333734373263393b3865363a3534636d66346134643037323238343963616667336660343b6334666e3732603733613838653b3636336438336464393237373060603430326462326b3838603335306e35267169665d7169673d333836363230303332303a6562343c3865313461643866623061353b33343937303d603431353432633733646261386332666630663f6539603333613a363366383032383a6466633a3032323233383062343361333c336537383b3363316332383f3a636061376435653b353360386433376461386d61633538323a363231633538373363633a303766313637373b3426716964723531

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 clear1.png;CIS3SID=6851E53C8C242B6ADEBBB5F0677B00ED
h.online-metrix.net/fp/ Frame 2028 0
400 B 18ms
17ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/fp/clear1.png;CIS3SID=6851E53C8C242B6ADEBBB5F0677B00ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jf=363134267b69645d726c663f7464725f7b776b4e637a43314d4477626372696224736b6457646176653f3334393332333c35373724716b665f76797067357765603a67636c736124736b665d6b65793d3b32353b313233313034303730693836363861653b64303030333234303832613034343a6167316630313031323f3033363232303834666132666436623235636e3630363a633260666735633a6a393460663b643c63333434363434313766353f603936616330343563646133303661346667666b3461343432633137616136393130316460376732346231363d3061336261623162663a63333736663464646c3a393b363b3631313a6532646b3933343964316d31267169665d7169673d333836353230303332303b6636606b3265363960643066373138676031653838383e3164353035673161633330636d38323a3436656e66616036636131623136386e603431673361376332323232386465666630333a64666335313b32363838383f3033343b31333164373865636c3935613435336d3761343460373b396563396b3a61323232346461613061342e736964723f31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://h.online-metrix.net/fp/sid_fp.html;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=9927979B8D08F520580DA23CE90F20A8 Show response
info.directpay.irs.gov/fp/ Frame E0FB 35 B
557 B 164ms
164ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/ARF;CIS3SID=9927979B8D08F520580DA23CE90F20A8?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&pageid=99998&sera_parametere=AkUNWQlXBA0ABwxWB1UHX1FRBw9UAwcBW1AHBVUBBA9RUwddBQVUDFhSDUJFFw1QCkVFTEIRBHEcUndBASAVC1RfQ11dUVpQVxFGQQUgFQ4mBRUPdREFBVEKRhBFQQN9QQJyHQZwEVFQWABRUFEAXwUEA1oFUQZTD1BXXFQCUVgAA1RbBgMOVglVVAVSVAYAXVcWVl5aVFAEAQBUDlUEDlEMVQ1VAlMFAENfFwtUSFoGAAIPUgIDB1sDDVcABwAAUANVCQkABAMIVwJVBwcHClYDBAwDDFMTWAwIVQZRBA1CXFkFHAURRVBYDF0PXQgfDF4NHlMJdF1LClgBEAZGBFUEBh5TW0QIbgxbAFkTQx8HVw1MVU5oVlgJWQZXB1sfAUENDwE%3D&count=0&max=0

Requested by

Host: info.directpay.irs.gov
URL: https://info.directpay.irs.gov/fp/check.js?&pageid=99998&session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=d50814759e5d6d09

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

8fa5d65d7f2b645ef899b483736b059de36895c0ca97a1654daad1282d031735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=d50814759e5d6d09&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=93
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame 2A0A 0
387 B 162ms
162ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&jac=1&je=303536262e6a666c3d31246866683d39313431353364606439353337673b3637606135353c62623139606136326338266264746c3f32383035383326756d693d372e35392639382c333524726d3d6e6f2e60617671763f273740253230646576676c27323a253343312c3232253243253a30737663767771253032253149253230636a617a67696c67273030253744266977646a3f616335623b6536673e3831616363633e6632633761333b323933363b36366037613133373b3662366c386466343a363830333a66673664303366636c3a34373b24677a333f6631676d3539616164373d31343537343766323439333e35353036673b30666463623a3931336361

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content clear.png Show response
info.directpay.irs.gov/fp/ Frame BAEF 0
387 B 163ms
162ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear.png?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&jac=1&je=333524267f65693f352c353b2e39382e3b35

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ARF;CIS3SID=EB961144E2639D212E598D19DFFD127D Show response
info.directpay.irs.gov/fp/ Frame 40C5 35 B
557 B 162ms
162ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/ARF;CIS3SID=EB961144E2639D212E598D19DFFD127D?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&pageid=99998&sera_parametere=UUQFWlQDAAECAwVTClwJVFFQXA9TUwAAVgZSAgcIBVRRAAtZBlUIV1FWVUdBSg1eWURNTBZAAnIVAHJEBX0VBQdeS10JAFxTXkNDRAF9FQB1BB0PIUADBlhYQxVBHANzEgN6HVIhF1JZCgVUVAwAUVYFC1pRAABQBgJSWVBfUVZTAlxbUlIIVQAHUQBWCQYODlYeVgoLUlMNAARZClxVBgEEDwgEVwgGBxFaEg8JSFYEUgpdUFcCUlIDAQAKWFQGUQMJW1ZcAAVUDgNSAlpRUlVQDV1UVQcQUV4NUAIMBAMRXVEFSFQXRlkKCVgLAAgRX18FHgdYcl5CWF0EFFtGCgYFDh4HCkILZ15eBV1OQxFUVgVMAR9uVVFbXANTWlsRUkAFDV0%3D&count=0&max=0

Requested by

Host: info.directpay.irs.gov
URL: https://info.directpay.irs.gov/fp/check.js?&pageid=99998&session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=7488ee16070a2907

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

0116d8a59a08024f65c8de7ec9e177898dad43391290dc9d1709a7ed450b4194

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://info.directpay.irs.gov/fp/HP?session_id=c0bd800c5c334ea482427b22dcea7941&org_id=2febmm50&nonce=7488ee16070a2907&mode=2&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 28 Aug 2023 14:59:35 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=92
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 94750391
mc.yandex.ru/webvisor/ 43 B
0 298ms
122ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/94750391?wv-part=1&wmode=0&wv-hit=296023496&page-url=https%3A%2F%2Firs.taxserv1.com%2F&rn=399321183&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1693234776%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230828165936%3Au%3A1693234773705316338%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1693234776&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 14:59:36 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 28-Aug-2023 14:59:36 GMT
content-type: image/gif
access-control-allow-origin: https://irs.taxserv1.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 28-Aug-2023 14:59:36 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED Show response
info.directpay.irs.gov/fp/ Frame BAEF 0
218 B 162ms
162ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear3.png;CIS3SID=7794D8488D53BE38C5AE6C9FCBC1B2ED?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=d50814759e5d6d09&je=33363a267a643d247266763f363333333b2f313732322e373932302d333d30302e353b30392d313730322e373930322d393730322e373b32332f313532382c3331383b2d393530322c373b37302d313538322c373b31332f313730302e3d39333b2d333538302c3430313b2f3135303024373936362f333730322c36323c302d3335323024353931382f333730302c353a35392f333732322c3530373225313532302e323931322f31373232

Requested by

Host: irs.taxserv1.com
URL: https://irs.taxserv1.com/check_files/check.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:36 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=91
Content-Type: text/javascript;charset=UTF-8

POST
H2 200 94750391
mc.yandex.ru/webvisor/ 43 B
0 63ms
63ms Fetch
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/webvisor/94750391?wv-part=1&wmode=0&wv-hit=296023496&page-url=https%3A%2F%2Firs.taxserv1.com%2F&rn=837111107&wv-type=3&browser-info=we%3A1%3Aet%3A1693234776%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230828165936%3Au%3A1693234773705316338%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1693234776&t=gdpr(14)ti(1)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://irs.taxserv1.com/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 28 Aug 2023 14:59:36 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 28-Aug-2023 14:59:36 GMT
content-type: image/gif
access-control-allow-origin: https://irs.taxserv1.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Mon, 28-Aug-2023 14:59:36 GMT

GET
H/1.1 204
204 clear3.png;CIS3SID=72C2464500666FD7693A6DD8505028AF Show response
info.directpay.irs.gov/fp/ Frame 2A0A 0
218 B 163ms
162ms Script
text/javascript 192.225.157.196
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://info.directpay.irs.gov/fp/clear3.png;CIS3SID=72C2464500666FD7693A6DD8505028AF?org_id=2febmm50&session_id=c0bd800c5c334ea482427b22dcea7941&nonce=7488ee16070a2907&je=33363a267a643d247266763f363333333b2f313732322e373932302d333d30302e353b30392d313730322e373930322d393730322e373b32332f313532382c3331383b2d393530322c373b37302d313538322c373b31332f313730302e3d39333b2d333538302c3430313b2f3135303024373936362f333730322c36323c302d3335323024353931382f333730302c353a35392f333732322c3530373225313532302e323931322f31373232

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.225.157.196 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://irs.taxserv1.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.110 Safari/537.36

Response headers

Date: Mon, 28 Aug 2023 14:59:36 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=90
Content-Type: text/javascript;charset=UTF-8

POST 94750391
mc.yandex.ru/webvisor/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ru
URL: https://mc.yandex.ru/webvisor/94750391?wv-part=2&wmode=0&wv-hit=296023496&page-url=https%3A%2F%2Firs.taxserv1.com%2F&rn=200807751&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1693234778%3Aw%3A1600x1200%3Av%3A1093%3Az%3A120%3Ai%3A20230828165937%3Au%3A1693234773705316338%3Avf%3Aeygqx1x5sixaiiudghr9l27%3Ast%3A1693234778&t=gdpr(14)ti(1)

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: IRS (Government)

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
irs.taxserv1.com/	1970-01-20 14:22:01	Name: num Value: 18881
irs.taxserv1.com/	1970-01-20 23:56:34	Name: __utma Value: 1.234993974.1693234773.1693234773.1693234773.1
irs.taxserv1.com/	1969-12-31 23:59:59	Name: __utmc Value: 1
irs.taxserv1.com/	1970-01-20 18:43:22	Name: __utmz Value: 1.1693234773.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
irs.taxserv1.com/	1970-01-20 14:20:35	Name: __utmt Value: 1
irs.taxserv1.com/	1970-01-20 14:20:36	Name: __utmb Value: 1.1.10.1693234773
.taxserv1.com/	1970-01-20 23:56:34	Name: _ga_BH2P3PXCDN Value: GS1.1.1693234772.1.0.1693234773.0.0.0
.taxserv1.com/	1970-01-20 23:56:34	Name: _ga Value: GA1.2.707347912.1693234773
.taxserv1.com/	1970-01-20 14:22:01	Name: _gid Value: GA1.2.225153176.1693234773
.taxserv1.com/	1970-01-20 23:06:10	Name: _ym_uid Value: 1693234773705316338
.taxserv1.com/	1970-01-20 23:06:10	Name: _ym_d Value: 1693234773
.taxserv1.com/	1970-01-20 14:21:46	Name: _ym_isad Value: 2
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 879560141693234773
.yandex.ru/	1970-01-20 23:56:34	Name: i Value: rbF87HIQOikJplffN7LnflnXIXD8bgGdaSf1EsMvIreBAB910nOn5Tl8dVy+6v3cWeFwwi+iW+C8I1DfYADNLnnt8mk=
.yandex.ru/	1970-01-20 23:56:34	Name: yandexuid Value: 3239684941693234773
.yandex.ru/	1970-01-20 23:06:10	Name: yuidss Value: 3239684941693234773
.yandex.ru/	1970-01-20 23:06:10	Name: ymex Value: 1724770773.yrts.1693234773#1724770773.yrtsi.1693234773
.yandex.ru/	1970-01-20 23:06:10	Name: bh Value: KgI/MA==
.taxserv1.com/	1970-01-20 14:20:36	Name: _ym_visorc Value: w
.taxserv1.com/	1970-01-20 14:20:34	Name: _gat_UA626081378 Value: 1
h.online-metrix.net/	1970-01-20 23:56:34	Name: thx_global_guid Value: 0c5f51e03aef4c3b8441cb43407526f4

45 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://irs.taxserv1.com/img/bgBody.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://irs.taxserv1.com/img/arrow_right.svg Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear(1).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear(3).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear3.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear(4).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear(5).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear3(1).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear3(2).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear3(3).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/saved_resource.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear3(3).png' because its MIME type ('image/png') is not executable.
security	error	URL: https://irs.taxserv1.com/check_files/ls_fp.html Message: Refused to execute script from 'https://irs.taxserv1.com/check_files/clear(7).png' because its MIME type ('image/png') is not executable.
worker	warning	URL: blob:https://irs.taxserv1.com/101a3c74-bf20-4de8-90db-855f11d9fa4d(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/7af36b01-cf86-465d-a745-742520dde36e(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/e5596ec1-366b-455c-ab85-4c90db16a42b(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5950/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/e9bce68b-8cec-48d7-8f25-e6c64648c047(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5902/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/7912e470-f0af-4442-a5d0-a68f4dd901e2(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5931/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/abd402d0-c10a-46ec-9c47-39036f21e28c(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:3389/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/243a76d8-9c54-4ffc-b215-03bc36f6f66d(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5939/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/8f2a7414-0da4-4223-90da-75b912247830(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5944/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/e0343e7a-f30f-4072-baa7-dba2161ae03b(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5901/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/317de07e-765c-4182-b22f-ed27c2e30bbe(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5903/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/94a8e0f0-7d89-4fe2-b812-0228329769c7(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6039/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/236d3720-bf86-4350-a9f2-9320223b2917(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6040/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/d8982703-9717-4d2e-84c2-1a816972f758(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5279/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/aad08eba-ce81-4672-8b53-89049da30101(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:2112/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/ce8bc85d-7f25-46a6-92ef-6cc4eb576050(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:7070/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/6b4df623-b622-418e-919e-97ba48753712(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5938/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/215d6f93-705f-4508-b631-5650695d76d4(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5902/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/e5b97910-5b39-4170-bc90-17831637f631(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:63333/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/6cc6169a-2639-448e-8561-97e9e6dd2a59(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5900/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/61702b22-96b5-49e5-ab11-1657f44be37f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:7070/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/20f3e3bb-31e0-4a74-8bc9-e06331fbb652(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5938/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/ca48250d-832c-40ec-a0d9-7eb8f32bc962(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5903/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/b072121b-050d-41f8-b7ff-6282745125a7(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5944/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/1196f5b7-c55e-4bbc-84de-c2cbb1c5456d(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5279/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/67e055e1-7118-4aa7-8b34-a6fb6638ef0e(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5901/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/ef795055-6f4b-4083-b960-e945ad96e318(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5931/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/c00ee7f1-2d9e-4999-8764-dbc5ae3e46f4(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:3389/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/edef4412-06e0-4224-bb07-baae20ed443f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5950/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/cb05b0a1-bd87-4440-b015-d93a4167137f(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:2112/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/1db5498f-175f-45c5-b3ab-95bad3058435(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6040/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/738acbc7-179b-40c8-995a-6c21b8f92546(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:5939/' failed: WebSocket is closed before the connection is established.
worker	warning	URL: blob:https://irs.taxserv1.com/a6356aaa-7e0e-4074-a90e-954fe6b1ae7b(Line 16) Message: WebSocket connection to 'wss://127.0.0.1:6039/' failed: WebSocket is closed before the connection is established.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2febmm503oly67rfhpz3pxxuui4jdqgon5tco3427488ee16070a2907sac.d.aa.online-metrix.net
2febmm503oly67rfhpz3pxxuui4jdqgon5tco342d50814759e5d6d09sac.d.aa.online-metrix.net
cdnjs.cloudflare.com
h.online-metrix.net
info.directpay.irs.gov
irs.taxserv1.com
mc.yandex.ru
region1.google-analytics.com
resources.digital-cloud-gov.medallia.com
ssl.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
mc.yandex.ru
192.225.157.196
192.225.158.3
2001:4860:4802:34::36
23.60.201.14
2606:4700::6811:180e
2a00:1450:4001:80e::2008
2a00:1450:4001:81c::2008
2a00:1450:4001:82f::200e
2a00:1450:400c:c07::9c
2a02:6b8::1:119
2a06:98c1:3120::3
91.235.132.130
0116d8a59a08024f65c8de7ec9e177898dad43391290dc9d1709a7ed450b4194
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0983d3d4e5026eed7f446fc908b57f81be0a4eeabe9259dc43ac11bd86bacc81
09c349050558ce0eb84f8f6f605ee4c027e4c921a16f028de1b82fafd90bc0c8
0dfb08f59893dd8acaa2fe824dd2fc333a42d9d58bad3b052d992b4ceab37f9c
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18f2f2901672ec694e98fa40ab95eb48b9c8fbcc10c88c2278cf51681fce7127
1a071a549202c49b253b1fd97eff694192d632d9af15bc61843e3701430d42bd
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e212c6a9e1ebc5763832310329f7e856cd9919605ed81b9ef8c7d1f17b4437e
2433e3c8e676154df0bead80045af38e1b0075cef6f6152a52f58df46d5d0ee5
268102000f5073690e61d4a9b08db156dc4aa4d37ed2086b7777bb1e946a3bc5
37b8885acc0a44db3973daefe20605bd0567124d4f770ef527744aba4f202ec8
38490a4da6ac2cf6bae835c17df8c7598b869875b4702d5217c1679cca5afb3a
3a669be2f9c08962e3220e1b746277ed0ccbbfd03334a1f01fcdec86aa89b423
41a0e405588336d83dd730d44cf5a2f433485f2eb02e168d3a1b1b9844e55c16
46085f5956a67773b659f5527032cd73c05c5a9d988ace30f82b07a47e6314ac
4a33e9f5440e70bb8309176f8753cb1ca6eacf399fadb3f7a43af61a79ad361c
52806ae20a2ecd4944e5db73778df04d99e0922c65975a34e0cbbfc1d30a90bd
537078cdd8337f9fe67bba7e6cfac79df68f39a160a10827d625261bbeeaf921
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56551fdf18226201a072c40d241b7d4a1cd314331974c1f7a97af6ceb386436f
57bfcdfe436a22ff8228329eb486927050aea8430b1072df29b09706d85a5890
59481b296926f37d85b305c82875a411f50b19f597f8e9eba5f8fbd9443d013d
63a7d1249ffbd7b264b5e862e321f3aae03760f9d3066dd180fb108fe822bee5
675c55cc96f0438718582da1d4e3b5446c6c716298b64a6e15c872e4fbd77af5
6b3a06ea97775687ba13785d739674d655bb8220443fdf159267ff7defc761ef
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
78cc2f3a4c1e4cbe3dc0a28cf51b113d0167ddd8ead8da6c0f28c2ad5774e372
7b142db4a05d3e2cb0649a4a2e82a4d4b360469725d5a1f51e27b0d5ff1b5700
7d2f687307f75cc5c9d008863b428130ffe153bfd2d8644eb5bff97f209cdf5b
7e1ebe50b3074554dc008d25c77c6cc8376ac7dbfe0d25b3c53804d4360b1869
7e67eb328695d2ff7528a6729a1cf156d59d918b6405ac8c77f5c3452081e7a3
7ec7223e9660854efef1f7533cdc046d87ca4ba8f70f08c1b0a3dc51d55df5af
7fcb2a42d3af9934615fac75469340624e23fbdc2bf745fb310bc897af23bf73
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fa5d65d7f2b645ef899b483736b059de36895c0ca97a1654daad1282d031735
92e77aabcff2290be4a0cd8dca9686b0198bf670e29a6ca69f950d3b90d01471
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
981ab63a9bbe045c3f301626f60359b861b6ddd96b5edec8277fc571e1d3d1ef
989a73eb9e9faa5bcf87eb500ba218549b0b1ef37dc53d9ac948b33010bd78da
9f0dd60c7aa8869201f7998df6d4901a59151a79cce43515042964cbd4312b10
a51dcc786db972511f28b7d9c1988cdd218688759999e84b6c46d22965a35ade
a630d609ed1e7d3b47dfbb9f07f81c73be69dbc35b019d28c0d4cd218525b020
a9c2e6760945e3d076f3ad6e778ce24e8b0707eef93a59d12de67e61d469c52d
b5b933f941205b4184e70eba88803ee586c876433cd6e27f95c69ac987eacfb8
ca9e077c8eaeeabdf51be4d17094cbf9a2567667cfb8b82fc455aecb0a6673ff
cabcbfa75efbc9230a0037ac6a015b139fd35950fdbd59e3024bf7954a48638d
cbf260bac255e21bbbb374a973276526f62273e4d435579998cfda0721d050bb
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0100f3b94e8abeae9925dc8db0f6c47787066ccd75c6c3f1733ae982117c782
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6128a3c98719237d52c85ca4ba81aea1400d356b9829839e53e84286741c915
fd1d6010ba0dd70844cc60bb85fb0378b452c43985b0b4ebe45d00694b5a9f2a

irs.taxserv1.com Open in urlscan Pro 2a06:98c1:3120::3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

149 Requests

74 %HTTPS

67 %IPv6

9 Domains

13 Subdomains

13 IPs

4 Countries

1343 kBTransfer

5244 kBSize

21 Cookies

8 Outgoing links

Redirected requests

149 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

irs.taxserv1.com Open in urlscan Pro
2a06:98c1:3120::3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

149
Requests

74 %
HTTPS

67 %
IPv6

9
Domains

13
Subdomains

13
IPs

4
Countries

1343 kB
Transfer

5244 kB
Size

21
Cookies

149 HTTP transactions
0 data transactions